bjtuo-classroom-query
Warn
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/query_classroom.pyuseseval()within theget_captcha_codefunction to calculate results for mathematical captchas. While it uses a regular expression ([\d\+\-\*\/]) to filter the input, usingeval()on content derived from an external source (AI model OCR output) represents a dynamic execution risk. - [EXTERNAL_DOWNLOADS]: The skill makes network requests to a third-party, non-official API (
http://yaya.csoci.com:2333/api/classnum/) to fetch real-time classroom occupancy data. This introduces a dependency on an unverified external service. - [CREDENTIALS_UNSAFE]: The execution script
scripts/query_classroom.pyattempts to load credentials (BJTU_USERNAME,BJTU_PASSWORD,ZHIPU_API_KEY) from.envandsecrets.jsonfiles located in parent directories (../../), which may expose sensitive information if not properly restricted. - [DATA_EXFILTRATION]: The skill saves browser session cookies and authentication tokens to a local file
auth_state.json. If this file is not secured, it could lead to session hijacking or unauthorized access to the user's university account.
Audit Metadata