Scan Report
0 /100
flexible-web-tester
智能 Web UI 测试工作台,支持 MCP 直接驱动和 Python 脚本驱动双模式,三种测试模式,强制人工确认,安全可控。
Pure documentation skill describing a web UI testing workflow with no executable code, scripts, or dependencies. Contains proper security controls including human confirmation gates before execution.
Safe to install
This skill is safe to use. No action required.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | WRITE | WRITE | ✓ Aligned | SKILL.md describes File System MCP for reading/writing test cases and reports |
| Shell | WRITE | WRITE | ✓ Aligned | SKILL.md describes CLI/Terminal MCP for executing Python scripts |
| Browser | WRITE | WRITE | ✓ Aligned | SKILL.md describes Playwright MCP for browser control |
| Network | NONE | NONE | — | No network access declared or inferred |
| Environment | NONE | NONE | — | No environment variable access |
| Clipboard | NONE | NONE | — | No clipboard access |
| Database | NONE | NONE | — | No database access |
| Skill Invoke | NONE | NONE | — | No skill chaining |
5 findings
Medium External URL 外部 URL
https://img.shields.io/badge/license-MIT-blue.svg README.md:5 Medium External URL 外部 URL
https://img.shields.io/badge/version-1.0.0-green.svg README.md:6 Medium External URL 外部 URL
https://img.shields.io/badge/platform-OpenClaw-lightgrey.svg README.md:7 Medium External URL 外部 URL
https://example.com,模式2,引擎A,人工介入 README.md:55 Medium External URL 外部 URL
https://www.baidu.com,模式2,引擎A,人工介入 README.md:68 File Tree
2 files · 10.2 KB · 342 lines Markdown 2f · 342L
├─
README.md
Markdown
└─
SKILL.md
Markdown
Security Positives
✓ No executable code present - pure documentation skill
✓ Documentation accurately describes all declared capabilities
✓ Mandatory human confirmation gate (Stage 3) prevents unauthorized execution
✓ Environment pre-flight check ensures MCP tools are available
✓ Self-healing mechanism is documented and limited to 2 retries
✓ No credential harvesting or sensitive data access
✓ No external network calls or C2 communication
✓ No obfuscation or base64-encoded payloads
✓ MIT License clearly stated