OSRS玩家数据服务

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill appears to provide OSRS data through a third-party API, but it stores an API key in plaintext locally and has documentation/code mismatches that users should review before installing.

Install only if you trust xiaobenyang.com with this API key and are comfortable with the key being saved in a plaintext .env file. Prefer setting the key through a platform secret store or temporary environment variable, and review/remove the unrelated gaokao references and unpinned dependencies before broader use.

SkillSpector (10)

By NVIDIA

Lp3

Medium

Category: MCP Least Privilege
Confidence: 95% confidence
Finding: The skill documentation instructs the agent to read configuration from .env, ask the user for an API key, persist it locally, and then make external network calls, yet no permissions are declared. This creates a hidden capability gap: a user or platform may believe the skill is low-risk documentation, while it actually requires secret handling, file writes, environment access, and outbound requests.

Tp4

High

Category: MCP Tool Poisoning
Confidence: 97% confidence
Finding: The skill presents itself as an OSRS data service, but the documented behavior includes reading and writing XBY_APIKEY from .env, mutating process environment state, and acting as a proxy client to a third-party service rather than an OSRS server implementation. This mismatch can mislead users about trust boundaries, data flow, and secret exposure, increasing the chance that sensitive credentials are provided under false assumptions.

Intent-Code Divergence

Medium

Confidence: 88% confidence
Finding: The documentation mixes OSRS functionality with unrelated gaokao/school-search references, such as example tool calls and project paths. This inconsistency is a supply-chain integrity risk because it suggests copy-paste reuse, weak review hygiene, or possible repackaging of another skill, making it harder to verify what the skill actually does and whether the documented tools are trustworthy.

Description-Behavior Mismatch

Medium

Confidence: 93% confidence
Finding: This file implements API-key storage, retrieval, and persistence to a local .env file, which is broader than the stated purpose of an OSRS stats/leaderboard service. That mismatch increases concern because the code handles credentials in a way that may surprise users and creates local secret exposure risk if the working directory, repo, logs, or backups are accessible.

Context-Inappropriate Capability

Medium

Confidence: 95% confidence
Finding: The code can write to .env and mutate process environment variables, which is an unnecessary capability for a read-oriented game data service and expands the blast radius of compromise or misuse. Persisting a supplied API key locally can leak secrets to other local users, source control, backups, or tooling that reads the project directory.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The function persists an API key to .env without any clear user-facing warning, consent flow, or indication of storage risk. Silent secret persistence is dangerous because users may believe they are providing a temporary token while the code leaves a recoverable copy on disk.

Unpinned Dependencies

Low

Category: Supply Chain
Content: requests>=2.31.0 pydantic>=2.7.0 pydantic-settings>=2.2.0 python-dotenv>=1.0.1
Confidence: 95% confidence
Finding: requests>=2.31.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: requests>=2.31.0 pydantic>=2.7.0 pydantic-settings>=2.2.0 python-dotenv>=1.0.1
Confidence: 95% confidence
Finding: pydantic>=2.7.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: requests>=2.31.0 pydantic>=2.7.0 pydantic-settings>=2.2.0 python-dotenv>=1.0.1
Confidence: 93% confidence
Finding: pydantic-settings>=2.2.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: requests>=2.31.0 pydantic>=2.7.0 pydantic-settings>=2.2.0 python-dotenv>=1.0.1
Confidence: 94% confidence
Finding: python-dotenv>=1.0.1

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal