Database已验证

High risk

senior-security

Critical signals were detected and installation should be handled carefully.

0/100

2critical2high2medium

修复建议

🚨 得分 0/100 — 此技能极度危险。请勿安装。

检测到的风险6

Data Exfiltrationcritical

data_exfiltration

Data exfiltration attempt

Line 1441

Snippets

L1441 │ 4. POST /token │

Aws Credentialscritical

aws_credentials

AWS credentials access

Line 2436

Snippets

L2436 regex=r'(?:aws_secret_access_key|AWS_SECRET_ACCESS_KEY)\s*[:=]\s*["\']?[A-Za-z0-9/+=]{40}["\']?',

Dynamic Importhigh

dynamic_import

Suspicious dynamic import

Line 2749

Snippets

L2749 "scan_date": __import__('datetime').datetime.now().isoformat(),

L3352 "analysis_date": __import__('datetime').datetime.now().isoformat(),

Hardcoded Secrethigh

hardcoded_secret

Potentially hardcoded secret

Line 901

Snippets

L901password = "user_password_123!"

L1809API_KEY = "sk-1234567890abcdef"

L901password = "user_password_123!"

L1809API_KEY = "sk-1234567890abcdef"

Network Callmedium

network_call

Outbound network call

Line 1333

Snippets

L1333 return fetch_data()

L1662 return result.fetchone()

L1333 return fetch_data()

L1662 return result.fetchone()

Env Accessmedium

env_access

Environment variable access

Line 1813

Snippets

L1813DATABASE_URL = os.environ['DATABASE_URL']

Voir les risques detectes

Connectez-vous pour consulter l'analyse detaillee des risques.

$npx agentfend install cmn92rvky00znu1ipx50bf8r5

Trust Score

20trust

⭐ 7359🍴 881

Updated 2周前

分析时间

2026年3月31日 15:57

+ 2 previous scans

兼容

Cursor

Skill details

Trust score

20/100

GitHub

Connected

Stars

7359

Forks

881

Updated 2周前

分析时间 2026年3月31日 15:57

说明

Security engineering toolkit for threat modeling, vulnerability analysis, secure architecture, and penetration testing. Includes STRIDE analysis, OWASP guidance, cryptography patterns, and security scanning tools. Use when the user asks about security reviews, threat analysis, vulnerability assessments, secure coding practices,...

查看源码