skill-security-analyzer

Skill Security Analyzer

Analyze Claude skills for security risks, vulnerabilities, and safety concerns before deployment.

When to Use This Skill

Use this skill whenever security analysis of a Claude skill is requested, including:
  • "Analyze the security of this skill"
  • "What are the security risks in my [skill-name]?"
  • "Review this skill for vulnerabilities"
  • "Is this skill safe to deploy?"
  • "Check this skill for security issues"
  • "Audit this skill before I use it"

Analysis Process

Security analysis follows a systematic workflow:
  1. Extract skill contents - If provided as a .skill file, extract and examine all components
  2. Review skill metadata - Analyze name, description, and stated purpose
  3. Examine SKILL.md - Review instructions and identify potential risks
  4. Inspect bundled resources - Analyze scripts, references, and assets for security issues
  5. Cross-reference patterns - Check against known security patterns (see references/security_patterns.md)
  6. Generate findings - Compile severity-rated list of identified risks
  7. Create output - Provide executive summary, findings list, and security checklist

Output Format

Provide three components in this order:

1. Executive Summary (2-3 sentences)

Brief overall assessment with key takeaway. Examples:
  • "This skill has CRITICAL security risks including undisclosed network access and potential data exfiltration. Do not deploy without major modifications."
  • "This skill demonstrates good security practices with minor concerns around input validation. Generally safe for deployment with awareness of limitations."

2. Findings List

Severity-rated list of specific security issues found:
CRITICAL - Immediate security threat, do not deploy
  • [Specific finding with evidence]
  • [Specific finding with evidence]
HIGH - Significant risk, requires remediation
  • [Specific finding with evidence]
MEDIUM - Moderate concern, should be addressed
  • [Specific finding with evidence]
LOW - Minor issue or best practice deviation
  • [Specific finding with evidence]
POSITIVE - Security best practices observed
  • [Specific good practice found]

3. Security Checklist

Quick reference checklist of security categories:
[ ] Data Exfiltration Risks - [PASS/FAIL/CONCERN] - [brief note]
[ ] Network Access - [PASS/FAIL/CONCERN] - [brief note]
[ ] Prompt Injection Protection - [PASS/FAIL/CONCERN] - [brief note]
[ ] Permissions & Scope - [PASS/FAIL/CONCERN] - [brief note]
[ ] PII/Confidential Data - [PASS/FAIL/CONCERN] - [brief note]
[ ] Malicious Code Indicators - [PASS/FAIL/CONCERN] - [brief note]
[ ] Supply Chain Risks - [PASS/FAIL/CONCERN] - [brief note]
[ ] Credential Exposure - [PASS/FAIL/CONCERN] - [brief note]
[ ] Resource Abuse - [PASS/FAIL/CONCERN] - [brief note]
[ ] Transparency & Documentation - [PASS/FAIL/CONCERN] - [brief note]

Analyzing Skill Components

Skill Metadata Analysis

Check frontmatter and description for:
  • Scope clarity: Does the description match the actual functionality?
  • Tool disclosure: Are all tools the skill uses mentioned?
  • External service disclosure: Are API calls or network access mentioned?
  • Data handling statements: Is data processing clearly explained?
Red flags:
  • Vague descriptions that don't explain what the skill does
  • Description doesn't mention tools that the code uses
  • Missing disclosure of network access or external services
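The disclosure checks above can be partly mechanized. The following is an added example, not code from the skill-security-analyzer skill: it parses the frontmatter of a SKILL.md with the standard library only (top-level `key: value` lines, no YAML library), then cross-checks the description against capabilities actually observed in the bundled code. The `observed` set is assumed to come from whatever script scan was run; the capability labels (`network`, `shell`, `file-write`), the disclosure vocabulary and the minimum description length are this example's own assumptions, not Claude tool names or values from the skill.

```python
# Added example, not the skill's own code: minimal frontmatter parser plus a
# disclosure cross-check. `observed` is whatever a script scan found; the
# capability labels and vocabulary below are assumptions for illustration.
import re

DISCLOSURE_WORDS = {
    "network": ("network", "api", "http", "https", "download", "upload", "fetch", "request"),
    "shell": ("shell", "command", "commands", "run", "execute", "bash"),
    "file-write": ("write", "writes", "save", "saves", "create", "modify"),
}
MIN_DESCRIPTION_WORDS = 8  # assumption: anything shorter is too vague to judge scope


def parse_frontmatter(skill_md):
    """Return top-level `key: value` pairs from a leading --- block."""
    match = re.match(r"^---\r?\n(.*?)\r?\n---\r?\n", skill_md, re.S)
    if not match:
        return {}
    meta = {}
    for line in match.group(1).splitlines():
        # only unindented, non-comment lines with a key are taken as metadata
        if ":" in line and not line[:1].isspace() and not line.startswith("#"):
            key, _, value = line.partition(":")
            meta[key.strip()] = value.strip().strip("\"'")
    return meta


def mentions(description, words):
    """True if any disclosure word appears as a whole word in the description."""
    return any(re.search(r"\b" + re.escape(w) + r"\b", description) for w in words)


def check_metadata(skill_md, observed):
    """Return red flags as 'SEVERITY: message' strings, in the findings style."""
    meta = parse_frontmatter(skill_md)
    description = meta.get("description", "").lower()
    flags = []
    if not meta:
        flags.append("MEDIUM: no frontmatter; name and description are missing")
    elif not description:
        flags.append("MEDIUM: description is missing")
    elif len(description.split()) < MIN_DESCRIPTION_WORDS:
        flags.append("MEDIUM: description is too short to tell what the skill does")
    # every capability the code actually exercises must be disclosed in the description
    for capability in sorted(observed):
        if not mentions(description, DISCLOSURE_WORDS.get(capability, ())):
            flags.append(f"HIGH: code uses {capability} but the description does not disclose it")
    return flags


# Constructed sample SKILL.md; the skill name and description are made up.
SAMPLE_SKILL_MD = """---
name: csv-summarizer
description: Summarize CSV files into short reports and save them next to the input.
---
# CSV summarizer
Read the CSV given by the user and write a one-page summary.
"""

if __name__ == "__main__":
    # a scan of the (hypothetical) scripts found network access and file writes
    for flag in check_metadata(SAMPLE_SKILL_MD, {"network", "file-write"}):
        print(flag)
```

With the constructed sample, file writes are disclosed by the word "save", but the network access found in the code is not, so the check yields one HIGH flag. A description containing no frontmatter at all produces a MEDIUM flag instead of being silently treated as empty.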

SKILL.md Analysis

Read the entire SKILL.md and check for:
  • Instruction clarity: Are the instructions clear and unambiguous?
  • Input handling: How does the skill handle user input?
  • Tool usage justification: Is tool usage appropriate for the stated purpose?
  • Prompt construction: Are there prompt injection risks?
  • Scope boundaries: Does the skill stay within its stated purpose?
Specific checks:
  1. Search for dynamic prompt construction patterns
  2. Check for file access instructions without validation
  3. Look for network requests not in description
  4. Identify any instruction override patterns
  5. Review error handling and data exposure

Scripts Analysis

For each script in scripts/:
  1. Read the script using the view tool
  2. Check imports against security patterns reference
  3. Scan for dangerous operations: file deletion, system commands, network requests
  4. Look for obfuscation: base64, exec, eval, encoded strings
  5. Validate paths: check file access uses safe paths
  6. Review subprocess usage: check for shell=True or user input in commands
Priority patterns to detect:
  • exec(), eval(), __import__()
  • subprocess.run(..., shell=True)
  • requests.post(), urllib.request, fetch()
  • os.system(), os.popen()
  • base64.b64decode() followed by execution
  • File operations on sensitive paths
  • Hardcoded credentials or API keys

References Analysis

Check reference files for:
  • Sensitive data: API keys, credentials, internal schemas
  • External resources: Links to external sites or services
  • Data handling instructions: How data should be processed
  • Compliance requirements: Any regulatory considerations

Assets Analysis

Examine assets for:
  • Executable content: Scripts disguised as assets
  • External resources: Templates that load remote content
  • Embedded credentials: Config files with secrets
  • Unexpected file types: Files that don't match skill purpose

Using the Security Patterns Reference

IMPORTANT: Read references/security_patterns.md at the start of every security analysis to load the comprehensive catalog of security patterns, anti-patterns, and risk indicators.
The reference provides:
  • Detailed examples of risky vs. safe implementations
  • Specific patterns to search for in code
  • Risk categorization and severity guidelines
  • Context-specific considerations
Use the reference to:
  1. Guide what to look for during analysis
  2. Determine severity ratings for findings
  3. Provide accurate examples in findings
  4. Ensure comprehensive coverage of risk categories

Handling .skill Files

If provided a .skill file:
  1. Extract contents: .skill files are zip files with a .skill extension
```bash
unzip skillname.skill -d /home/claude/skill-analysis/
```
  2. Verify structure: Check for SKILL.md and proper directory organization
  3. Analyze extracted contents: Follow the normal analysis process
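Because a .skill file is just a zip, the extraction step inherits zip's one classic hazard: a member name such as `../escape.txt` that lands outside the analysis directory. The following is an added example, not code from the skill, doing the extract-and-verify steps above with that check in place and with the layout this page describes (SKILL.md, scripts/, references/, assets/). The temporary directory and both demo archives are constructed inside the example; the `unexpected entries` note is this example's own addition to the structure check.

```python
# Added example, not the skill's own code: .skill extraction with a zip-slip
# check, then a structure check for the layout this page describes.
import tempfile
import zipfile
from pathlib import Path

EXPECTED_DIRS = ("scripts", "references", "assets")


def safe_extract(archive, dest):
    """Extract a .skill (zip) archive, refusing any member that would land outside dest."""
    dest = Path(dest).resolve()
    dest.mkdir(parents=True, exist_ok=True)
    names = []
    with zipfile.ZipFile(archive) as zf:
        for info in zf.infolist():
            target = (dest / info.filename).resolve()
            # a member whose resolved path is not under dest is a path-traversal attempt
            if target != dest and dest not in target.parents:
                raise ValueError(f"refusing to extract {info.filename!r}: escapes {dest}")
            zf.extract(info, dest)
            names.append(info.filename)
    return names


def find_skill_root(dest):
    """SKILL.md may sit at the archive root or inside a single top-level folder."""
    dest = Path(dest)
    if (dest / "SKILL.md").is_file():
        return dest
    subdirs = [p for p in dest.iterdir() if p.is_dir()]
    if len(subdirs) == 1 and (subdirs[0] / "SKILL.md").is_file():
        return subdirs[0]
    return None


def verify_structure(root):
    """PASS/FAIL/CONCERN notes on the layout, in the spirit of the checklist."""
    root = Path(root)
    report = {"SKILL.md": "PASS" if (root / "SKILL.md").is_file() else "FAIL"}
    for name in EXPECTED_DIRS:
        report[name + "/"] = "PASS" if (root / name).is_dir() else "ABSENT"
    # anything outside the known layout deserves a look during the assets review
    known = {"SKILL.md", *EXPECTED_DIRS}
    stray = sorted(p.name for p in root.iterdir() if p.name not in known)
    report["unexpected entries"] = "CONCERN: " + ", ".join(stray) if stray else "PASS"
    return report


def run_demo():
    """Build one well-formed and one zip-slip archive (constructed), exercise both checks."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        good = tmp / "demo.skill"
        with zipfile.ZipFile(good, "w") as zf:  # constructed, well-formed bundle
            zf.writestr("SKILL.md", "---\nname: demo\ndescription: Demo skill.\n---\n")
            zf.writestr("scripts/run.py", "print('hi')\n")
            zf.writestr("notes.txt", "stray file\n")
        bad = tmp / "evil.skill"
        with zipfile.ZipFile(bad, "w") as zf:  # constructed bundle with a traversal member
            zf.writestr("SKILL.md", "---\nname: evil\n---\n")
            zf.writestr("../escape.txt", "would be written outside the extraction dir\n")

        safe_extract(good, tmp / "good")
        report = verify_structure(find_skill_root(tmp / "good"))
        try:
            safe_extract(bad, tmp / "bad")
            rejected = False
        except ValueError:
            rejected = True
        return {"report": report, "zip_slip_rejected": rejected,
                "escaped_file_exists": (tmp / "escape.txt").exists()}


if __name__ == "__main__":
    print(run_demo())
```

The traversal check compares resolved paths rather than looking for `..` in the name, so symlinked temp directories and absolute member names are handled the same way. The structure report mirrors the PASS/FAIL/CONCERN vocabulary of the security checklist; a stray top-level file is only a CONCERN, since the assets review decides what it actually is.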

Edge Cases

Skills Without Code

For skills with only SKILL.md (no scripts/assets):
  • Focus on instruction analysis
  • Check for prompt injection risks in instructions
  • Verify tool usage is appropriate
  • Assess scope and transparency

Third-Party Skills

For skills from unknown sources:
  • Apply heightened scrutiny
  • Mark provenance as a risk factor
  • Look extra carefully for obfuscation
  • Check for unexpected functionality
  • Recommend code review before deployment

Skills Requesting Unusual Permissions

For skills asking for extensive tool access:
  • Verify each tool is justified in description
  • Check if tool usage aligns with stated purpose
  • Look for scope creep in implementation
  • Consider principle of least privilege

Important Principles

Be Evidence-Based

  • Always cite specific code or instructions when identifying risks
  • Provide line numbers or code snippets for findings
  • Don't make assumptions - base findings on actual content

Severity Calibration

  • CRITICAL: Immediate security threat (data theft, system compromise, credential exposure)
  • HIGH: Significant risk requiring remediation (unsafe file access, undisclosed network calls)
  • MEDIUM: Moderate concern (missing input validation, unclear scope)
  • LOW: Best practice deviation (no security impact but suboptimal)

Context Matters

  • Consider the skill's stated purpose
  • Distinguish between necessary functionality and overreach
  • Account for legitimate use cases vs. security theater

Actionable Findings

  • Provide specific remediation guidance when possible
  • Suggest safer alternatives for risky patterns
  • Prioritize findings by risk and effort to fix

Example Analysis Workflow

User: "Analyze the security of this skill" [attaches my-skill.skill]

1. Extract the .skill file
2. Read references/security_patterns.md
3. Review SKILL.md frontmatter and description
4. Analyze SKILL.md instructions
5. Examine each script in scripts/
6. Check references/ for sensitive data
7. Review assets/ for unexpected content
8. Compile findings with severity ratings
9. Generate executive summary
10. Create security checklist
11. Provide formatted output