中文 EN

Scan Report

Scan New Files

Suspicious — Risk Score 52/100
Last scan:20 hr ago Rescan
52 /100
risk-analysis
高风险行为识别分析工具 — video/image-based fall detection, health risk analysis, and behavioral monitoring
Skill declares video/image risk analysis but contains undeclared MySQL database connectivity with hardcoded credentials, fallback hardcoded JWT tokens in source code, and connects to an internal IP (172.31.16.2) — all missing from SKILL.md documentation.
Skill Namerisk-analysis
Duration62.9s
Enginepi
Use with caution
Remove hardcoded credentials from config.yaml and source code. Declare all database and network resource access in SKILL.md. Pin dependency versions. Audit data flows for exfiltration risk before production deployment.

Findings 8 items

Severity Finding Location
High
Hardcoded MySQL credentials in config.yaml Credential Theft
The file skills/scripts/common/config.yaml contains a hardcoded database connection string with plaintext username 'admin' and password 'Smyx2025@db' pointing to internal IP 172.31.16.2. These credentials are not read from environment variables and are present in the skill package.
database-url: mysql+pymysql://admin:Smyx2025@[email protected]:3306/health-cloud?charset=utf8mb4
→ Move database credentials to environment variables or a secrets manager. Never ship credentials in config files within the skill package.
 skills/scripts/common/config.yaml:4
High
Hardcoded Feishu app credentials in config.yaml Credential Theft
Feishu (Lark) application ID and secret are hardcoded in config.yaml (feishu-app--id: cli_a93d769369badcb1, feishu-app--secret: zYJMyYcB4kIF5uPCwFACBdmvbr3JkK8r). If compromised, these could be used to send messages via the organization's Feishu workspace.
feishu-app--id: cli_a93d769369badcb1
  feishu-app--secret: zYJMyYcB4kIF5uPCwFACBdmvbr3JkK8r
→ Move Feishu credentials to environment variables.
 skills/scripts/common/config.yaml:10
High
Hardcoded JWT bearer tokens in exception handler fallback Credential Theft
util.py contains a _get_or_create_user() function with a hardcoded JWT token as a fallback in the exception handler (line ~217). While commented, the token structure (eyJ... base64) is readable and could be activated if the exception path is taken.
ApiEnum.TOKEN = ApiEnum.OPEN_TOKEN = "Bearer eyJhbGciOiJIUzUxMiJ9..."
→ Remove hardcoded JWT tokens entirely. Use proper credential management.
 skills/scripts/common/util.py:217
High
Undeclared MySQL database connectivity — SKILL.md mismatch Doc Mismatch
SKILL.md declares only filesystem:READ and network:READ for video/image analysis. However, the skill's dao.py connects to MySQL (database:WRITE) via SQLAlchemy using hardcoded credentials from config.yaml. This database access is completely absent from the SKILL.md documentation.
DATABASE_URL = ApiEnum.DATABASE_URL
self.engine = create_engine(DATABASE_URL, ...)
→ Declare all database resource access in SKILL.md with justification.
 skills/scripts/common/dao.py:58
Medium
No dependency version pinning in requirements.txt Supply Chain
requirements.txt contains ~90 packages with unpinned versions (e.g., requests>=2.28.0, opencv-python>=4.5.5, numpy>=1.21.0, pillow>=9.0.0). This allows any version including vulnerable ones to be installed.
requests>=2.28.0
opencv-python>=4.5.5
numpy>=1.21.0
pillow>=9.0.0
→ Pin all dependencies to exact versions or tight ranges to ensure reproducible and secure builds.
 requirements.txt:1
Medium
Undeclared environment variable reading for user identity Priv Escalation
The skill reads OPENCLAW_SENDER_OPEN_ID, OPENCLAW_SENDER_USERNAME, and FEISHU_OPEN_ID from os.environ to identify the user without declaring this in SKILL.md. This constitutes undeclared environment:READ access for user identity mapping.
openclaw_sender_open_id = os.environ.get("OPENCLAW_SENDER_OPEN_ID")
openclaw_sender_username = os.environ.get("OPENCLAW_SENDER_USERNAME")
→ Declare environment variable access in SKILL.md resource section.
 skills/scripts/common/config.py:178
Medium
User token storage in external MySQL database — undeclared data sink Data Exfil
The dao.py User model stores user tokens (token, open_token fields) in an external MySQL database (172.31.16.2). The skill reads and writes these tokens during user authentication flows. The data destination (external MySQL) is not declared in SKILL.md.
token = Column(String(500), comment="token")
open_token = Column(String(1000), comment="开放token")
→ Declare the external database as a data sink in SKILL.md with a data handling section.
 skills/scripts/common/dao.py:232
Low
Internal network IP (172.31.16.2) hardcoded Sensitive Access
An internal VPC IP address (172.31.16.2) is hardcoded as the MySQL database host. While this limits direct external exploitability, it exposes internal infrastructure topology and could be weaponized in a lateral movement scenario.
mysql+pymysql://admin:Smyx2025@[email protected]:3306/health-cloud
→ Use environment variable for the database host to avoid exposing internal IPs in packaged code.
 skills/scripts/common/config.yaml:4
ResourceDeclaredInferredStatusEvidence
Filesystem READ READ ✓ Aligned SKILL.md: scripts/risk_analysis.py reads local files with os.path.exists, os.pat…
Network READ WRITE ✗ Violation SKILL.md does not declare network:WRITE; risk_analysis.py sends POST requests to…
Database NONE WRITE ✗ Violation SKILL.md declares no database access; dao.py uses SQLAlchemy to connect to MySQL…
Shell NONE NONE No subprocess/shell execution found
Environment NONE READ ✓ Aligned config.py reads ALERT_FEISHU_WEBHOOK, RISK_ANALYSIS_API_KEY, RISK_ANALYSIS_API_U…
Clipboard NONE NONE No clipboard access found
Browser NONE NONE No browser access found
Skill Invoke NONE NONE No dynamic skill invocation found
1 High 7 findings
📡
High IP Address 硬编码 IP 地址
172.31.16.2
skills/scripts/common/config.yaml:4
🔗
Medium External URL 外部 URL
https://open.lifeemergence.com/smyx-open-api
scripts/config.py:56
🔗
Medium External URL 外部 URL
http://livemonitortest.lifeemergence.com/smyx-open-api
skills/scripts/common/config-dev.yaml:4
🔗
Medium External URL 外部 URL
https://healthtest.lifeemergence.com/jeecg-boot
skills/scripts/common/config-dev.yaml:5
🔗
Medium External URL 外部 URL
http://192.168.1.234:8080/jeecg-boot
skills/scripts/common/config-dev.yaml:6
🔗
Medium External URL 外部 URL
https://lifeemergence.com/jeecg-boot
skills/scripts/common/config.yaml:6
📧
Info Email 邮箱地址
[email protected]
skills/scripts/common/config-dev.yaml:3

File Tree

19 files · 62.9 KB · 1765 lines
Python 11f · 1405L Markdown 2f · 200L Text 1f · 127L YAML 5f · 33L
├─ 📁 references
│ └─ 📝 risk_categories.md Markdown 76L · 2.2 KB
├─ 📁 scripts
│ ├─ 🐍 __init__.py Python 0 B
│ ├─ 🐍 config.py Python 56L · 2.0 KB
│ ├─ 📋 config.yaml YAML 1L · 4 B
│ ├─ 🐍 risk_analysis.py Python 271L · 8.6 KB
│ └─ 🐍 skill.py Python 41L · 1.3 KB
├─ 📁 skills
│ └─ 📁 scripts
│ └─ 📁 common
│ ├─ 🐍 __init__.py Python 8L · 151 B
│ ├─ 🐍 api_service.py Python 98L · 2.7 KB
│ ├─ 🐍 base.py Python 25L · 440 B
│ ├─ 📋 config-dev.yaml YAML 9L · 511 B
│ ├─ 📋 config-prod.yaml YAML 0 B
│ ├─ 📋 config-test.yaml YAML 6L · 323 B
│ ├─ 🐍 config.py Python 185L · 7.9 KB
│ ├─ 📋 config.yaml YAML 17L · 648 B
│ ├─ 🐍 dao.py Python 394L · 14.1 KB
│ └─ 🐍 util.py Python 327L · 14.1 KB
├─ 🐍 __init__.py Python 0 B
├─ 📄 requirements.txt Text 127L · 2.3 KB
└─ 📝 SKILL.md Markdown 124L · 5.6 KB

Dependencies 7 items

PackageVersionSourceKnown VulnsNotes
requests >=2.28.0 pip No Version not pinned — minimum declared is 2.28.0, latest 2.32.5 may be installed
opencv-python >=4.5.5 pip No Version not pinned
numpy >=1.21.0 pip No Version not pinned
pillow >=9.0.0 pip No Version not pinned
SQLAlchemy 2.0.46 pip No Exact pinned version present in requirements.txt
PyMySQL 1.1.2 pip No Exact pinned version
pydash 8.0.6 pip No Exact pinned version; used for response extraction

Security Positives

✓ No subprocess, shell execution, or direct OS command invocation found
✓ No base64-encoded payloads or obfuscated execution
✓ No ~/.ssh, ~/.aws, or .env file reading
✓ No reverse shell, C2 communication patterns, or data theft to external IPs
✓ No cron/persistence mechanisms or startup hooks detected
✓ Skill follows a legitimate health monitoring use case (fall detection, risk analysis)
✓ Input validation exists for file paths and URL formats
✓ open-id enforcement is documented and implemented to prevent unauthorized analysis