Pansou
Advisory
Audited by static analysis on May 10, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If this fallback is used, code outside the reviewed skill package may run and influence the search results or interact with the local environment.
The helper executes a Node script from another workspace path that is not included in this skill's file manifest, so its behavior cannot be reviewed from the supplied artifacts.
SCRIPT = "/workspace/skills/proxy-fetch/hunhepan-search.js" ... subprocess.run(["node", SCRIPT, kw], ... env=env)
Vendor the helper script inside the skill package, declare the Node dependency, and review or remove the external /workspace/skills/proxy-fetch dependency before running it.

A browser-debugging session may have access to active browser state or logged-in pages, but the supplied artifacts do not bound what the external script can do with that access.
The helper passes a local Chrome DevTools Protocol endpoint to the unreviewed Node script, which can be a powerful browser-automation channel if a browser is exposed there.
env = {**subprocess.os.environ, "CDP_URL": "http://127.0.0.1:9222"}
Do not run the Hunhepan helper against a real browser profile unless the external script is reviewed; prefer an isolated browser profile with no sensitive sessions.

A mistaken or malicious result could lead the user to download unsafe files, especially executables, archives, or software/game packages.
The skill is designed to chain search results into downloader tools. This is purpose-aligned, but downloaded files and magnet/cloud links are untrusted third-party content.
Find the magnet link → copy magnet:?xt=urn:btih:HASH → call xunlei-download or aria2 to perform the download
Confirm the exact item before downloading, avoid running downloaded executables directly, and scan or sandbox files from unknown sources.

Search queries may leave the local PanSou service and go to another endpoint on the network, which could matter if the query is private.
The documented fallback automatically sends search terms to a hard-coded private-network SearXNG endpoint when PanSou results are weak.
When PanSou returns few results (<5 entries) or low relevance, this is triggered automatically: ... curl -X POST "http://10.1.1.99:8080/search"
Use only with a trusted SearXNG endpoint, make the endpoint configurable, and avoid searching sensitive personal or confidential terms.

Local result files can reveal what was searched and which download links or share passwords were returned.
The skill intentionally stores the latest search results; included result files also show persisted queries, links, and result metadata.
Result file: `search_result.json` (archive of the most recent search)
Delete the result JSON files after sensitive searches, and avoid storing or sharing these files if the search terms or links are private.
