aim-trade-news
Queries recent foreign trade news and provides AI-generated titles and summaries for international trade insights.
Install this skill
or
67/100
Security score
The aim-trade-news skill was audited on Apr 30, 2026 and we found 9 security issues across 2 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 38
Access to .env file
SourceSKILL.md
| 38 | - `configured: false` → 暂停,按下文"[密钥配置](#密钥配置)"章节的 4 步引导用户配置凭证(无需用户自己改文件,agent 代写 `.env`),配好后重跑自检 |
medium line 50
Access to .env file
SourceSKILL.md
| 50 | 1. 从环境变量或 `.env` 读取 `AEP_AUTHORIZATION` 凭证 |
medium line 120
Access to .env file
SourceSKILL.md
| 120 | 通过 AEP 网关调用 API,需要 `AEP_AUTHORIZATION` 凭证(Bearer token 格式)。凭证存储在 skill 目录下的 `.env` 文件中(已 gitignore,不提交),脚本会自动补全 `Bearer` 前缀,只需填写 token 值。 |
medium line 126
Access to .env file
SourceSKILL.md
| 126 | 3. **agent** 把 token 写入 skill 目录下的 `.env`,格式: |
medium line 134
Access to .env file
SourceSKILL.md
| 134 | 脚本内置的 `load_dotenv()` 自动读取 `.env`,环境变量优先于文件。更多约束(如跨 agent 禁止共享凭证)见 [references/aep-setup.md](references/aep-setup.md)。 |
medium line 144
Access to .env file
SourceSKILL.md
| 144 | | `.env` | 凭证文件(已 gitignore,不提交) | |
low line 51
External URL reference
SourceSKILL.md
| 51 | 2. 调用 `https://aep.vemic.com/trending_hub/ai_collection`,传 `category: "foreign_trade"` 和 `recentDays` |
low line 89
External URL reference
SourceSKILL.md
| 89 | "url": "https://example.com/article", |
low line 124
External URL reference
SourceSKILL.md
| 124 | 1. 提示用户去 `https://tools.mentarc.cn/aim-skills/` 注册获取 `AEP_AUTHORIZATION`(Bearer token) |
Scanned on Apr 30, 2026
View Security DashboardGitHub Stars 2
Rate this skill
Categorydata analytics
UpdatedMay 13, 2026
Focus-AI-Center/aim-trade-news