Security Auditor
Audit skills for security risks before installing or using them.
Purpose
Skills can request permissions and access that may be:
- - Overreaching (accessing data they shouldn't need)
- Suspicious (behaving oddly, phoning home, etc.)
- Outdated (known vulnerabilities in dependencies)
This skill helps you audit them.
When to Run
| Trigger | Action |
|---|
| Before installing a new skill | Full audit |
| Periodic review |
Quick scan of installed skills |
| Suspicious behavior | Deep analysis |
| Permission review | Check requested permissions |
Audit Workflow
Step 1: Quick Scan
CODEBLOCK0
Checks:
- - File access patterns
- Network access requests
- Suspicious API usage
- Permission requests
Step 2: Detailed Audit
CODEBLOCK1
Performs deep analysis:
- - Code pattern analysis
- Dependency checking
- Permission mapping
- Risk scoring
Step 3: Generate Report
CODEBLOCK2
Creates detailed security report.
Step 4: Compare Skills
CODEBLOCK3
Compare security posture of two skills.
Risk Levels
| Level | Meaning | Action |
|---|
| 🟢 LOW | Minimal risk, standard permissions | Safe to install |
| 🟡 MEDIUM |
Some overreach, review recommended | Read code before install |
| 🔴 HIGH | Significant risks, careful review required | Do not install without review |
| ⛔ CRITICAL | Dangerous patterns detected | Do not install |
Red Flags to Watch For
File Access
- - Accessing
~/.ssh/ or �INLINECODE1 - Reading
*password*, *secret*, *key* files - Writing to system directories
- Accessing other users' directories
Network
- - Exfiltrating data to unknown servers
- DNS rebinding patterns
- Encrypted payloads to unfamiliar domains
Permissions
- - Requesting exec with no scope limitation
- Reading memory or process info
- Keylogging or screenshot capabilities
- Accessing other installed skills' data
Code Patterns
- - Obfuscated code
- Dynamic code generation
- Shell commands without sanitization
- Credential harvesting patterns
Files
- -
scripts/audit.py — Main audit script - INLINECODE6� — Skill-specific scanner
- INLINECODE7� — Security rules and patterns
- INLINECODE8� — Permission reference guide
安全审计员
在安装或使用技能前,对其安全风险进行审计。
目的
技能可能请求以下类型的权限和访问:
- - 越权(访问不应获取的数据)
- 可疑(行为异常、回传数据等)
- 过时(依赖项存在已知漏洞)
本技能可帮助您审计这些风险。
运行时机
快速扫描已安装技能 |
| 可疑行为 | 深度分析 |
| 权限审查 | 检查请求的权限 |
审计流程
步骤1:快速扫描
bash
python3 scripts/audit.py --scan
检查项:
- - 文件访问模式
- 网络访问请求
- 可疑API使用
- 权限请求
步骤2:详细审计
bash
python3 scripts/audit.py --audit <技能路径>
执行深度分析:
步骤3:生成报告
bash
python3 scripts/audit.py --report <技能路径> --output report.md
创建详细的安全报告。
步骤4:技能对比
bash
python3 scripts/audit.py --compare <技能1路径> <技能2路径>
比较两个技能的安全状况。
风险等级
| 等级 | 含义 | 操作 |
|---|
| 🟢 低 | 风险极小,标准权限 | 可安全安装 |
| 🟡 中 |
存在越权,建议审查 | 安装前阅读代码 |
| 🔴 高 | 存在重大风险,需仔细审查 | 未经审查不得安装 |
| ⛔ 严重 | 检测到危险模式 | 禁止安装 |
需警惕的危险信号
文件访问
- - 访问 ~/.ssh/ 或 ~/.aws/
- 读取 password、secret、key 文件
- 写入系统目录
- 访问其他用户目录
网络
- - 向未知服务器泄露数据
- DNS重绑定模式
- 向陌生域名发送加密载荷
权限
- - 请求无范围限制的执行权限
- 读取内存或进程信息
- 键盘记录或截屏能力
- 访问其他已安装技能的数据
代码模式
- - 混淆代码
- 动态代码生成
- 未净化的Shell命令
- 凭证收集模式
文件
- - scripts/audit.py — 主审计脚本
- scripts/scan_skill.py — 技能专用扫描器
- references/rules.md — 安全规则与模式
- references/permissions.md — 权限参考指南
