中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 15/100
上次扫描:1 天前 重新扫描
15 /100
flyai-travel-blindbox
旅行盲盒助手,让旅行回归「探索未知」的本质。用户设底线条件(预算、飞行时间),AI在满足条件的目的地中随机抽取一个
This is a pure-documentation travel blindbox skill with no executable code, scripts, or dependencies. All observed behavior (CLI tool invocation via npx, filesystem user-profile storage, network travel searches) is fully consistent with the declared purpose.
技能名称flyai-travel-blindbox
分析耗时50.7s
引擎pi
可以安装
No immediate action required. Consider adding explicit shell:WRITE and filesystem:WRITE declarations to SKILL.md to fully account for the npm install and ~/.flyai file operations.

安全发现 3 项

严重性 安全发现 位置
低危
Allowed-tools declaration absent 文档欺骗
SKILL.md has no allowed-tools section, making it impossible to verify the declared vs. actual capability gap. The reference docs reveal shell:WRITE and filesystem:WRITE usage that is not declared at the top level.
No allowed-tools section in SKILL.md
→ Add an allowed-tools declaration to SKILL.md covering shell (for npm install and flyai CLI) and filesystem (for ~/.flyai/ profile storage)
 SKILL.md:1
低危
Unpinned CLI package dependency 供应链
The skill references @fly-ai/flyai-cli@latest via npm install -g, with no version pinning. This could allow a malicious version to be delivered if the package is compromised.
npm install -g @fly-ai/flyai-cli@latest
→ Pin to a specific version hash or use a verified lockfile for the CLI tool
 reference/workflow.md:17
提示
NODE_TLS_REJECT_UNAUTHORIZED=0 disables SSL verification 文档欺骗
The workflow documentation instructs to prefix all flyai commands with NODE_TLS_REJECT_UNAUTHORIZED=0 to bypass SSL certificate errors. This could facilitate man-in-the-middle attacks if the environment is compromised.
NODE_TLS_REJECT_UNAUTHORIZED=0 flyai keyword-search
→ Resolve the root cause of SSL certificate failures rather than globally disabling TLS verification
 reference/workflow.md:30
资源类型声明权限推断权限状态证据
网络访问 NONE READ ✓ 一致 reference/workflow.md:31 — flyai CLI makes network requests to Alibaba Fliggy AP…
命令执行 NONE WRITE ✓ 一致 reference/workflow.md:17 — npm install -g @fly-ai/flyai-cli@latest; reference/wo…
文件系统 NONE WRITE ✓ 一致 reference/user-profile-storage.md — writes to ~/.flyai/user-profile.md
技能调用 NONE READ ✓ 一致 SKILL.md — uses search_memory, update_memory, ask_user_question tools not listed…
4 项发现
🔗
中危 外部 URL 外部 URL
https://img.alicdn.com/...
reference/search-hotel.md:44
🔗
中危 外部 URL 外部 URL
https://img.alicdn.com/tfscom/...
reference/search-poi.md:32
🔗
中危 外部 URL 外部 URL
https://nodejs.org/
reference/workflow.md:19
🔗
中危 外部 URL 外部 URL
https://registry.npmmirror.com
reference/workflow.md:21

目录结构

16 文件 · 36.5 KB · 1162 行
Markdown 16f · 1162L
├─ 📁 reference
│ ├─ 📝 ai-search.md Markdown 26L · 659 B
│ ├─ 📝 algorithm.md Markdown 13L · 424 B
│ ├─ 📝 examples.md Markdown 101L · 3.4 KB
│ ├─ 📝 flight-range.md Markdown 12L · 597 B
│ ├─ 📝 keyword-search.md Markdown 53L · 1.6 KB
│ ├─ 📝 search-flight.md Markdown 87L · 3.0 KB
│ ├─ 📝 search-hotel.md Markdown 57L · 1.8 KB
│ ├─ 📝 search-marriott-hotel.md Markdown 54L · 1.8 KB
│ ├─ 📝 search-marriott-package.md Markdown 40L · 995 B
│ ├─ 📝 search-poi.md Markdown 47L · 2.2 KB
│ ├─ 📝 search-train.md Markdown 77L · 2.6 KB
│ ├─ 📝 self-learning.md Markdown 19L · 450 B
│ ├─ 📝 tools.md Markdown 34L · 782 B
│ ├─ 📝 user-profile-storage.md Markdown 187L · 4.1 KB
│ └─ 📝 workflow.md Markdown 260L · 8.5 KB
└─ 📝 SKILL.md Markdown 95L · 3.9 KB

安全亮点

✓ Pure Markdown documentation package — zero executable code, scripts, or binaries
✓ No obfuscation patterns (base64, eval, atob) detected
✓ No credential harvesting, environment variable iteration, or sensitive path access (~/.ssh, ~/.aws, .env)
✓ No reverse shell, C2 communication, or data exfiltration patterns
✓ No prompt injection instructions or jailbreak content
✓ No typosquatting, malicious dependencies, or supply-chain attack indicators beyond version pinning
✓ All behavior (travel search, user profile storage) is contextually appropriate for the declared purpose
✓ External URLs are standard Alibaba CDN assets (img.alicdn.com), consistent with Fliggy travel API