GreasyFork AI Safety Checker (Multi API)

在 GreasyFork 主頁面顯示 AI 安全檢查提示,含詳細高風險域名列表與權限檢測,支援多國語系

目前为 2025-03-14 提交的版本。查看 最新版本

  1. // ==UserScript==
  2. // @name         GreasyFork AI Safety Checker (Multi API)
  3. // @namespace    http://tampermonkey.net/
  4. // @version      2.1.1
  5. // @description  在 GreasyFork 主頁面顯示 AI 安全檢查提示,含詳細高風險域名列表與權限檢測,支援多國語系
  6. // @match        https://greasyfork.org/*scripts/*
  7. // @exclude      https://greasyfork.org/*scripts/*/code*
  8. // @grant        GM_xmlhttpRequest
  9. // @grant        GM_addStyle
  10. // @grant        GM_setValue
  11. // @grant        GM_getValue
  12. // @grant        GM_registerMenuCommand
  13. // @grant        GM_info
  14. // @license      MIT
  15. // ==/UserScript==
  16.  
  17. (function() {
  18.     'use strict';
  19.  
  20.     let userLang = GM_getValue('userSelectedLanguage', '');
  21.     if (!userLang) {
  22.         userLang = navigator.language === 'zh-TW' ? 'zh-TW' : 
  23.                    navigator.language.startsWith('zh') ? 'zh-CN' : 
  24.                    navigator.language.startsWith('ja') ? 'ja' : 'en';
  25.     }
  26.  
  27.     const translations = {
  28.         'zh-TW': {
  29.             safetyNotice: 'AI 安全提示:${grant} - 靜態檢查: 檢查 ${count} 個域名,檢測到 ${riskCount} 個高風險域名${apiSummary}${politicalWarning}, 建議在沙盒環境中測試此腳本。',
  30.             safetyNoticeNoRisk: 'AI 安全提示:${grant} - 靜態檢查: 檢查 ${count} 個域名,未發現匹配${apiSummary}${politicalWarning}.',
  31.             staticRiskNotice: 'AI 安全提示:靜態檢查發現風險域名 - 檢查 ${count} 個域名,檢測到 ${riskCount} 個高風險域名${apiSummary}${politicalWarning}, 建議在沙盒環境中測試此腳本。',
  32.             noHighRiskGrant: '未檢測到高風險權限',
  33.             fetchCodeFailed: 'AI 安全提示:無法獲取腳本代碼,請手動檢查。',
  34.             viewDetails: '查看詳情',
  35.             hideDetails: '收起詳情',
  36.             gamblingRelated: '可能與博彩相關',
  37.             ptcSite: 'PTC(點擊賺錢)網站',
  38.             urlShortening: '縮短連結服務',
  39.             fileSharing: '文件分享網站',
  40.             highRiskTld: '高風險 TLD'
  41.         },
  42.         'zh-CN': {
  43.             safetyNotice: 'AI 安全提示:${grant} - 静态检查: 检查 ${count} 个域名,检测到 ${riskCount} 个高风险域名${apiSummary}${politicalWarning}, 建议在沙盒环境中测试此脚本。',
  44.             safetyNoticeNoRisk: 'AI 安全提示:${grant} - 静态检查: 检查 ${count} 个域名,未发现匹配${apiSummary}${politicalWarning}.',
  45.             staticRiskNotice: 'AI 安全提示:静态检查发现风险域名 - 检查 ${count} 个域名,检测到 ${riskCount} 个高风险域名${apiSummary}${politicalWarning}, 建议在沙盒环境中测试此脚本。',
  46.             noHighRiskGrant: '未检测到高风险权限',
  47.             fetchCodeFailed: 'AI 安全提示:无法获取脚本代码,请手动检查。',
  48.             viewDetails: '查看详情',
  49.             hideDetails: '收起详情',
  50.             gamblingRelated: '可能与博彩相关',
  51.             ptcSite: 'PTC(点击赚钱)网站',
  52.             urlShortening: '缩短链接服务',
  53.             fileSharing: '文件分享网站',
  54.             highRiskTld: '高风险 TLD'
  55.         },
  56.         'en': {
  57.             safetyNotice: 'AI Safety Notice: ${grant} - Static check: checked ${count} domains, detected ${riskCount} high-risk domains${apiSummary}${politicalWarning}, test in a sandbox environment.',
  58.             safetyNoticeNoRisk: 'AI Safety Notice: ${grant} - Static check: checked ${count} domains, no matches${apiSummary}${politicalWarning}.',
  59.             staticRiskNotice: 'AI Safety Notice: Static check detected risks - checked ${count} domains, detected ${riskCount} high-risk domains${apiSummary}${politicalWarning}, test in a sandbox environment.',
  60.             noHighRiskGrant: 'No high-risk permissions detected',
  61.             fetchCodeFailed: 'AI Safety Notice: Unable to fetch script code, please check manually.',
  62.             viewDetails: 'View Details',
  63.             hideDetails: 'Hide Details',
  64.             gamblingRelated: 'Possibly gambling-related',
  65.             ptcSite: 'PTC (Pay-to-Click) site',
  66.             urlShortening: 'URL shortening service',
  67.             fileSharing: 'File sharing site',
  68.             highRiskTld: 'High-risk TLD'
  69.         },
  70.         'ja': {
  71.             safetyNotice: 'AI安全通知:${grant} - 静的チェック:${count}ドメインをチェックし、${riskCount}個の高リスクドメインを検出しました${apiSummary}${politicalWarning}。サンドボックス環境でテストすることをお勧めします。',
  72.             safetyNoticeNoRisk: 'AI安全通知:${grant} - 静的チェック:${count}ドメインをチェックしましたが、一致するものはありません${apiSummary}${politicalWarning}。',
  73.             staticRiskNotice: 'AI安全通知:静的チェックでリスクを検出 - ${count}ドメインをチェックし、${riskCount}個の高リスクドメインを検出しました${apiSummary}${politicalWarning}。サンドボックス環境でテストすることをお勧めします。',
  74.             noHighRiskGrant: '高リスク権限は検出されませんでした',
  75.             fetchCodeFailed: 'AI安全通知:スクリプトコードを取得できません。手動で確認してください。',
  76.             viewDetails: '詳細を表示',
  77.             hideDetails: '詳細を非表示',
  78.             gamblingRelated: 'ギャンブル関連の可能性',
  79.             ptcSite: 'PTC(クリックで稼ぐ)サイト',
  80.             urlShortening: 'URL短縮サービス',
  81.             fileSharing: 'ファイル共有サイト',
  82.             highRiskTld: '高リスクTLD'
  83.         }
  84.     };
  85.  
  86.     function t(key, params = {}) {
  87.         let text = translations[userLang][key] || translations['en'][key];
  88.         for (const [param, value] of Object.entries(params)) {
  89.             text = text.replace(`\${${param}}`, value);
  90.         }
  91.         return text;
  92.     }
  93.  
  94.     GM_registerMenuCommand('切換語言 / Switch Language', () => {
  95.         const languages = ['zh-TW', 'zh-CN', 'en', 'ja'];
  96.         const currentIndex = languages.indexOf(userLang);
  97.         const nextIndex = (currentIndex + 1) % languages.length;
  98.         userLang = languages[nextIndex];
  99.         GM_setValue('userSelectedLanguage', userLang);
  100.         alert('語言已切換 / Language switched to: ' + userLang);
  101.         location.reload();
  102.     });
  103.  
  104.     if (/\/code/.test(window.location.href)) return;
  105.  
  106.     const fetchScriptCode = () => {
  107.         const scriptId = window.location.pathname.match(/scripts\/(\d+)/)?.[1];
  108.         if (!scriptId) throw new Error('無法提取腳本 ID');
  109.         const codeUrl = `${window.location.origin}${window.location.pathname}/code`;
  110.         return new Promise((resolve, reject) => {
  111.             GM_xmlhttpRequest({
  112.                 method: 'GET', url: codeUrl, onload: (response) => {
  113.                     const parser = new DOMParser();
  114.                     const doc = parser.parseFromString(response.responseText, 'text/html');
  115.                     const code = doc.querySelector('pre')?.textContent;
  116.                     if (code) resolve(code);
  117.                     else reject('未找到代碼');
  118.                 }, onerror: () => reject('獲取代碼失敗')
  119.             });
  120.         });
  121.     };
  122.  
  123.     const analyzeScript = async (code) => {
  124.         const lines = code.split('\n');
  125.         const matches = lines
  126.             .filter(line => line.trim().startsWith('// @match'))
  127.             .map(line => line.replace('// @match', '').trim().replace(/^\*?:\/\//, '').replace(/\/.*/, ''))
  128.             .filter(url => url && !url.includes('greasyfork.org'));
  129.  
  130.         const highRiskDomains = [];
  131.         const riskReasons = {};
  132.         const knownSafe = ['google.com', 'youtube.com', 'facebook.com', 'instagram.com', 'twitter.com', 'wikipedia.org'];
  133.         const riskyPatterns = [
  134.             /vn88\..*/, /fb88\..*/, /m88\..*/, /bet88li\.com/, /yeumoney\.com/, /165\.22\.63\.250/, /188\.166\.185\.213/,
  135.             /aylink\.co/, /gplinks\.co/, /v2links\.me/, /coinclix\.co/, /cutyion\.com/, /upfion\.com/,
  136.             /modsfire\.com/, /dropbox\.com/, /drive\.google\.com/, /mega\.nz/,
  137.             /ourcoincash\.xyz/, /bitcotasks\.com/, /freepayz\.com/, /gwaher\.com/, /geekgrove\.net/, /cricketlegacy\.com/,
  138.             /.*\.techyuth\.xyz/, /.*\.idblogmarket\.com/, /.*\.phonesparrow\.com/, /.*\.wikijankari\.com/,
  139.             /financewada\.com/, /financenova\.online/, /utkarshonlinetest\.com/, /rajasthantopnews\.com/,
  140.             /.*\.devnote\.in/, /naamlist\.com/, /modijiurl\.com/, /gmsrweb\.org/
  141.         ];
  142.  
  143.         let staticCheckedCount = 0;
  144.         matches.forEach(domain => {
  145.             staticCheckedCount++;
  146.             if (knownSafe.some(safe => domain.includes(safe))) return;
  147.             let reason = '未知風險';
  148.             if (riskyPatterns.some(pattern => pattern.test(domain))) {
  149.                 if (/vn88\..*|fb88\..*|m88\..*|bet88li\.com|yeumoney\.com/.test(domain)) reason = t('gamblingRelated');
  150.                 else if (/aylink\.co|gplinks\.co|v2links\.me|coinclix\.co|cutyion\.com|upfion\.com/.test(domain)) reason = t('urlShortening');
  151.                 else if (/modsfire\.com|dropbox\.com|drive\.google\.com|mega\.nz/.test(domain)) reason = t('fileSharing');
  152.                 else if (/ourcoincash\.xyz|bitcotasks\.com|freepayz\.com|gwaher\.com|geekgrove\.net|cricketlegacy\.com/.test(domain)) reason = t('ptcSite');
  153.                 else if (/xyz|in|online|wtf/.test(domain)) reason = t('highRiskTld');
  154.                 highRiskDomains.push(domain);
  155.                 riskReasons[domain] = reason;
  156.             }
  157.         });
  158.  
  159.         const highRiskGrants = ['GM_xmlhttpRequest', 'unsafeWindow', 'GM_setValue', 'GM_openInTab'];
  160.         let firstRiskyGrant = '';
  161.         for (let i = 0; i < lines.length; i++) {
  162.             const line = lines[i].trim();
  163.             for (const grant of highRiskGrants) {
  164.                 if (line.match(new RegExp(`@grant\\s+${grant}`))) {
  165.                     firstRiskyGrant = `${grant} (行 ${i + 1})`;
  166.                     if (grant === 'GM_xmlhttpRequest') {
  167.                         firstRiskyGrant = userLang === 'en' ? 'GM_xmlhttpRequest' : 
  168.                                          userLang === 'zh-TW' ? 'GM 跨站請求' : 
  169.                                          userLang === 'zh-CN' ? 'GM 跨站请求' : 'GM_xmlhttpRequest';
  170.                     }
  171.                     break;
  172.                 }
  173.             }
  174.             if (firstRiskyGrant) break;
  175.         }
  176.         if (!firstRiskyGrant) firstRiskyGrant = t('noHighRiskGrant');
  177.  
  178.         let warning;
  179.         const details = highRiskDomains.length > 0 
  180.             ? `<div class="grok-ai-safety-details" style="display: none;">${highRiskDomains.map(d => `${d}: ${riskReasons[d]}`).join('<br>')}</div>` 
  181.             : '';
  182.  
  183.         if (highRiskDomains.length > 0) {
  184.             warning = firstRiskyGrant === t('noHighRiskGrant') 
  185.                 ? `${t('staticRiskNotice', { count: staticCheckedCount, riskCount: highRiskDomains.length, apiSummary: '', politicalWarning: '' })}<a id="toggle-details" href="#">${t('viewDetails')}</a>${details}`
  186.                 : `${t('safetyNotice', { grant: firstRiskyGrant, count: staticCheckedCount, riskCount: highRiskDomains.length, apiSummary: '', politicalWarning: '' })}<a id="toggle-details" href="#">${t('viewDetails')}</a>${details}`;
  187.         } else {
  188.             warning = t('safetyNoticeNoRisk', { grant: firstRiskyGrant, count: staticCheckedCount, apiSummary: '', politicalWarning: '' });
  189.         }
  190.  
  191.         return { warning, highRiskDomains, riskReasons };
  192.     };
  193.  
  194.     const waitForElement = (selector) => new Promise((resolve) => {
  195.         const element = document.querySelector(selector);
  196.         if (element) return resolve(element);
  197.         const observer = new MutationObserver(() => {
  198.             const el = document.querySelector(selector);
  199.             if (el) {
  200.                 observer.disconnect();
  201.                 resolve(el);
  202.             }
  203.         });
  204.         observer.observe(document.body, { childList: true, subtree: true });
  205.     });
  206.  
  207.     GM_addStyle(`
  208.         .grok-ai-safety-notice { background: #fff3f3; border: 2px solid #ff4d4d; padding: 10px; margin-bottom: 15px; border-radius: 5px; color: #333; }
  209.         .grok-ai-safety-details { margin-top: 10px; padding: 5px; background: #ffe6e6; border: 1px solid #ff9999; border-radius: 3px; }
  210.     `);
  211.  
  212.     waitForElement('.install-link').then((installButton) => {
  213.         fetchScriptCode().then(async (code) => {
  214.             const { warning, highRiskDomains } = await analyzeScript(code);
  215.             const notice = document.createElement('div');
  216.             notice.className = 'grok-ai-safety-notice';
  217.             notice.innerHTML = warning;
  218.  
  219.             if (highRiskDomains.length > 0) {
  220.                 const toggleLink = notice.querySelector('#toggle-details');
  221.                 const detailsDiv = notice.querySelector('.grok-ai-safety-details');
  222.                 toggleLink.addEventListener('click', (e) => {
  223.                     e.preventDefault();
  224.                     if (detailsDiv.style.display === 'block') {
  225.                         detailsDiv.style.display = 'none';
  226.                         toggleLink.textContent = t('viewDetails');
  227.                     } else {
  228.                         detailsDiv.style.display = 'block';
  229.                         toggleLink.textContent = t('hideDetails');
  230.                     }
  231.                 });
  232.             }
  233.  
  234.             installButton.parentNode.insertBefore(notice, installButton);
  235.             console.log('提示已插入 / Notice inserted');
  236.         }).catch(() => {
  237.             const notice = document.createElement('div');
  238.             notice.className = 'grok-ai-safety-notice';
  239.             notice.textContent = t('fetchCodeFailed');
  240.             installButton.parentNode.insertBefore(notice, installButton);
  241.         });
  242.     });
  243. })();