aim-blog-write
Facilitates blog writing and SEO content generation by integrating with the SEO agent for structured output.
Install this skill
or
56/100
Security score
The aim-blog-write skill was audited on Apr 30, 2026 and we found 10 security issues across 3 threat categories, including 1 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
high line 77
Piping content to bash shell
SourceSKILL.md
| 77 | | bash scripts/seo_agent.sh |
medium line 12
Access to .env file
SourceSKILL.md
| 12 | skill 安装后,**必须先要求用户配置 [.env](.env) 中的 `aim-secret-key`**,否则任何生成命令都会失败。 |
medium line 19
Access to .env file
SourceSKILL.md
| 19 | 3. 拿到密钥后,agent 把 [.env](.env) 里 `aim-secret-key=` 这一行的等号后面填上真实密钥 |
medium line 137
Access to .env file
SourceSKILL.md
| 137 | 密钥只放一个地方:**本 skill 根目录下的 [.env](.env)**,键名 `aim-secret-key`。脚本不看环境变量、不读家目录、不跨 agent 复用——就这一个文件。 |
medium line 149
Access to .env file
SourceSKILL.md
| 149 | 3. agent 把 `.env` 里的 `aim-secret-key=` 后面填上用户给的密钥(**用户不自己改文件**) |
medium line 162
Access to .env file
SourceSKILL.md
| 162 | - `.env`(开箱自带):唯一的密钥落盘位置 |
low line 18
External URL reference
SourceSKILL.md
| 18 | > 这是你第一次使用 SEO 博客 skill,请先到 https://tools.mentarc.cn/aim-skills/ 注册并拿到 aim-secret-key,把密钥粘到对话框里发给我,我会帮你配好后再开始生成。 |
low line 120
External URL reference
SourceSKILL.md
| 120 | {"image_url": "http://...", "rephraser_result": "...", "aspect_ratio": "16:9"}, |
low line 147
External URL reference
SourceSKILL.md
| 147 | 1. 去 https://tools.mentarc.cn/aim-skills/ 注册,拿到 aim-secret-key |
low line 154
External URL reference
SourceSKILL.md
| 154 | - `AEP_BASE_URL`:固定为 `http://aep.vemic.com/aim_mentaassistant_2024`,与 `aim_mentaassistant_2024` 服务绑定,不暴露给用户 |
Scanned on Apr 30, 2026
View Security Dashboard