📦

سجل التدقيق

frontend-nextjs-app-router - 7 عمليات التدقيق

إصدار التدقيق 7

الأحدث مخاطر متوسطة

Jun 28, 2026, 12:25 PM

Static analysis reported many severe patterns, but review found they are almost entirely Markdown and TypeScript documentation false positives. No malicious intent, prompt injection, executable scripts, credential collection, or data exfiltration was found. The skill has medium risk because several examples can encourage under-validated server actions, route handlers, and route protection patterns.

2
الملفات التي تم فحصها
649
الأسطر التي تم تحليلها
6
النتائج
codex
دقّقه
مشكلات متوسطة المخاطر (2)
Examples Omit Input Validation For Server-Side Mutations
TRUE POSITIVE semantic concern. Server Action and route handler examples read form or request body data and pass it to database helpers without showing validation, authorization, or error handling. The snippets are documentation, not active code, but they may lead generated applications to accept unsafe input.
Simplified Route Protection Examples May Encourage Weak Auth
TRUE POSITIVE semantic concern. The middleware example only checks whether a token cookie exists before allowing protected routes. The admin page example checks a session role but does not show session integrity validation, creating a risk that users copy incomplete authorization patterns.
مشكلات منخفضة المخاطر (4)
External Command Findings Are Markdown False Positives
FALSE POSITIVE. The many reported Ruby or shell backtick findings come from Markdown code fences, inline route paths, JSX template literals, and TypeScript examples. I found no instruction that executes shell commands or asks the assistant to run untrusted commands.
Weak Cryptography Findings Are Text-Match False Positives
FALSE POSITIVE. The reported weak cryptographic algorithm locations contain ordinary words such as description or design-related prose, not MD5, SHA-1, DES, or cryptographic API usage. No evidence found of weak cryptography instructions.
Network, Storage, And Path Traversal Findings Are Benign Documentation
FALSE POSITIVE. The fetch, localStorage, and /app/.../page.tsx references describe normal Next.js and browser concepts. They do not collect credentials, access files, traverse paths, or make external network requests from the skill itself.
Critical Heuristic Combinations Are Not Confirmed
FALSE POSITIVE. The static heuristic combined unrelated documentation terms and examples into a dangerous pattern. Review found no credential access, exfiltration endpoint, obfuscation, executable script, or prompt injection attempt.

إصدار التدقيق 6

آمن

Jan 21, 2026, 04:52 PM

This skill is a documentation and guidance resource for Next.js App Router development. All 131 static findings are false positives - they are TypeScript/JavaScript code examples in markdown documentation files. No executable code, network access, or filesystem operations are performed by this skill.

3
الملفات التي تم فحصها
1,977
الأسطر التي تم تحليلها
3
النتائج
claude
دقّقه
لم تُكتشف مشكلات أمنية

عوامل الخطر

⚙️ الأوامر الخارجية (101)
references/app-router-patterns.md:7-34 references/app-router-patterns.md:34-40 references/app-router-patterns.md:40-50 references/app-router-patterns.md:50-56 references/app-router-patterns.md:56-68 references/app-router-patterns.md:68-74 references/app-router-patterns.md:74-83 references/app-router-patterns.md:83-85 references/app-router-patterns.md:85-106 references/app-router-patterns.md:106-110 references/app-router-patterns.md:110-132 references/app-router-patterns.md:132-138 references/app-router-patterns.md:138-164 references/app-router-patterns.md:164-170 references/app-router-patterns.md:170-182 references/app-router-patterns.md:182-183 references/app-router-patterns.md:183-192 references/app-router-patterns.md:192-196 references/app-router-patterns.md:196-215 references/app-router-patterns.md:215-219 references/app-router-patterns.md:219-227 references/app-router-patterns.md:227-231 references/app-router-patterns.md:231-246 SKILL.md:15 SKILL.md:19 SKILL.md:20 SKILL.md:21 SKILL.md:22 SKILL.md:25-48 SKILL.md:48-50 SKILL.md:50-53 SKILL.md:53-54 SKILL.md:54-55 SKILL.md:55-58 SKILL.md:58-59 SKILL.md:59-60 SKILL.md:60-63 SKILL.md:63-76 SKILL.md:76-88 SKILL.md:88-90 SKILL.md:90-93 SKILL.md:93-94 SKILL.md:94-97 SKILL.md:97-107 SKILL.md:107-111 SKILL.md:111-112 SKILL.md:112-130 SKILL.md:130-132 SKILL.md:132-133 SKILL.md:133-148 SKILL.md:148-150 SKILL.md:150-151 SKILL.md:151-163 SKILL.md:163-173 SKILL.md:173-174 SKILL.md:174 SKILL.md:174-175 SKILL.md:175 SKILL.md:175-176 SKILL.md:176 SKILL.md:176-180 SKILL.md:180-195 SKILL.md:195-200 SKILL.md:200-214 SKILL.md:214-217 SKILL.md:217-231 SKILL.md:231-235 SKILL.md:235-236 SKILL.md:236-252 SKILL.md:252-254 SKILL.md:254-255 SKILL.md:255-268 SKILL.md:268-273 SKILL.md:273-275 SKILL.md:275-278 SKILL.md:278-296 SKILL.md:296-303 SKILL.md:303-305 SKILL.md:305-308 SKILL.md:308-310 SKILL.md:310-311 SKILL.md:311-314 SKILL.md:314-319 SKILL.md:319-324 SKILL.md:324-334 SKILL.md:334-335 SKILL.md:335-337 SKILL.md:337-346 SKILL.md:346-359 SKILL.md:359-362 SKILL.md:362-370 SKILL.md:370-373 SKILL.md:373-387 SKILL.md:387-391 SKILL.md:391-392 SKILL.md:392-393 SKILL.md:393-395 SKILL.md:395-396 SKILL.md:396-397 SKILL.md:397-401 SKILL.md:401
🌐 الوصول إلى الشبكة (1)
📁 الوصول إلى نظام الملفات (1)

إصدار التدقيق 5

مخاطر متوسطة

Jan 16, 2026, 06:00 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

3
الملفات التي تم فحصها
838
الأسطر التي تم تحليلها
3
النتائج
claude
دقّقه
لم تُكتشف مشكلات أمنية

عوامل الخطر

⚙️ الأوامر الخارجية (101)
references/app-router-patterns.md:7-34 references/app-router-patterns.md:34-40 references/app-router-patterns.md:40-50 references/app-router-patterns.md:50-56 references/app-router-patterns.md:56-68 references/app-router-patterns.md:68-74 references/app-router-patterns.md:74-83 references/app-router-patterns.md:83-85 references/app-router-patterns.md:85-106 references/app-router-patterns.md:106-110 references/app-router-patterns.md:110-132 references/app-router-patterns.md:132-138 references/app-router-patterns.md:138-164 references/app-router-patterns.md:164-170 references/app-router-patterns.md:170-182 references/app-router-patterns.md:182-183 references/app-router-patterns.md:183-192 references/app-router-patterns.md:192-196 references/app-router-patterns.md:196-215 references/app-router-patterns.md:215-219 references/app-router-patterns.md:219-227 references/app-router-patterns.md:227-231 references/app-router-patterns.md:231-246 SKILL.md:15 SKILL.md:19 SKILL.md:20 SKILL.md:21 SKILL.md:22 SKILL.md:25-48 SKILL.md:48-50 SKILL.md:50-53 SKILL.md:53-54 SKILL.md:54-55 SKILL.md:55-58 SKILL.md:58-59 SKILL.md:59-60 SKILL.md:60-63 SKILL.md:63-76 SKILL.md:76-88 SKILL.md:88-90 SKILL.md:90-93 SKILL.md:93-94 SKILL.md:94-97 SKILL.md:97-107 SKILL.md:107-111 SKILL.md:111-112 SKILL.md:112-130 SKILL.md:130-132 SKILL.md:132-133 SKILL.md:133-148 SKILL.md:148-150 SKILL.md:150-151 SKILL.md:151-163 SKILL.md:163-173 SKILL.md:173-174 SKILL.md:174 SKILL.md:174-175 SKILL.md:175 SKILL.md:175-176 SKILL.md:176 SKILL.md:176-180 SKILL.md:180-195 SKILL.md:195-200 SKILL.md:200-214 SKILL.md:214-217 SKILL.md:217-231 SKILL.md:231-235 SKILL.md:235-236 SKILL.md:236-252 SKILL.md:252-254 SKILL.md:254-255 SKILL.md:255-268 SKILL.md:268-273 SKILL.md:273-275 SKILL.md:275-278 SKILL.md:278-296 SKILL.md:296-303 SKILL.md:303-305 SKILL.md:305-308 SKILL.md:308-310 SKILL.md:310-311 SKILL.md:311-314 SKILL.md:314-319 SKILL.md:319-324 SKILL.md:324-334 SKILL.md:334-335 SKILL.md:335-337 SKILL.md:337-346 SKILL.md:346-359 SKILL.md:359-362 SKILL.md:362-370 SKILL.md:370-373 SKILL.md:373-387 SKILL.md:387-391 SKILL.md:391-392 SKILL.md:392-393 SKILL.md:393-395 SKILL.md:395-396 SKILL.md:396-397 SKILL.md:397-401 SKILL.md:401
🌐 الوصول إلى الشبكة (1)
📁 الوصول إلى نظام الملفات (1)

الأنماط المكتشفة

Ruby/shell backtick executionWeak cryptographic algorithmSystem reconnaissanceFetch API callPath traversal sequenceBrowser storage access[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

إصدار التدقيق 4

مخاطر متوسطة

Jan 16, 2026, 06:00 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

3
الملفات التي تم فحصها
838
الأسطر التي تم تحليلها
3
النتائج
claude
دقّقه
لم تُكتشف مشكلات أمنية

عوامل الخطر

⚙️ الأوامر الخارجية (101)
references/app-router-patterns.md:7-34 references/app-router-patterns.md:34-40 references/app-router-patterns.md:40-50 references/app-router-patterns.md:50-56 references/app-router-patterns.md:56-68 references/app-router-patterns.md:68-74 references/app-router-patterns.md:74-83 references/app-router-patterns.md:83-85 references/app-router-patterns.md:85-106 references/app-router-patterns.md:106-110 references/app-router-patterns.md:110-132 references/app-router-patterns.md:132-138 references/app-router-patterns.md:138-164 references/app-router-patterns.md:164-170 references/app-router-patterns.md:170-182 references/app-router-patterns.md:182-183 references/app-router-patterns.md:183-192 references/app-router-patterns.md:192-196 references/app-router-patterns.md:196-215 references/app-router-patterns.md:215-219 references/app-router-patterns.md:219-227 references/app-router-patterns.md:227-231 references/app-router-patterns.md:231-246 SKILL.md:15 SKILL.md:19 SKILL.md:20 SKILL.md:21 SKILL.md:22 SKILL.md:25-48 SKILL.md:48-50 SKILL.md:50-53 SKILL.md:53-54 SKILL.md:54-55 SKILL.md:55-58 SKILL.md:58-59 SKILL.md:59-60 SKILL.md:60-63 SKILL.md:63-76 SKILL.md:76-88 SKILL.md:88-90 SKILL.md:90-93 SKILL.md:93-94 SKILL.md:94-97 SKILL.md:97-107 SKILL.md:107-111 SKILL.md:111-112 SKILL.md:112-130 SKILL.md:130-132 SKILL.md:132-133 SKILL.md:133-148 SKILL.md:148-150 SKILL.md:150-151 SKILL.md:151-163 SKILL.md:163-173 SKILL.md:173-174 SKILL.md:174 SKILL.md:174-175 SKILL.md:175 SKILL.md:175-176 SKILL.md:176 SKILL.md:176-180 SKILL.md:180-195 SKILL.md:195-200 SKILL.md:200-214 SKILL.md:214-217 SKILL.md:217-231 SKILL.md:231-235 SKILL.md:235-236 SKILL.md:236-252 SKILL.md:252-254 SKILL.md:254-255 SKILL.md:255-268 SKILL.md:268-273 SKILL.md:273-275 SKILL.md:275-278 SKILL.md:278-296 SKILL.md:296-303 SKILL.md:303-305 SKILL.md:305-308 SKILL.md:308-310 SKILL.md:310-311 SKILL.md:311-314 SKILL.md:314-319 SKILL.md:319-324 SKILL.md:324-334 SKILL.md:334-335 SKILL.md:335-337 SKILL.md:337-346 SKILL.md:346-359 SKILL.md:359-362 SKILL.md:362-370 SKILL.md:370-373 SKILL.md:373-387 SKILL.md:387-391 SKILL.md:391-392 SKILL.md:392-393 SKILL.md:393-395 SKILL.md:395-396 SKILL.md:396-397 SKILL.md:397-401 SKILL.md:401
🌐 الوصول إلى الشبكة (1)
📁 الوصول إلى نظام الملفات (1)

الأنماط المكتشفة

Ruby/shell backtick executionWeak cryptographic algorithmSystem reconnaissanceFetch API callPath traversal sequenceBrowser storage access[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

إصدار التدقيق 3

آمن

Jan 10, 2026, 11:07 AM

Pure documentation skill with no executable code. Contains only markdown guidance and TypeScript code templates for Next.js App Router development patterns.

2
الملفات التي تم فحصها
402
الأسطر التي تم تحليلها
0
النتائج
claude
دقّقه
لم تُكتشف مشكلات أمنية

إصدار التدقيق 2

آمن

Jan 10, 2026, 11:07 AM

Pure documentation skill with no executable code. Contains only markdown guidance and TypeScript code templates for Next.js App Router development patterns.

2
الملفات التي تم فحصها
402
الأسطر التي تم تحليلها
0
النتائج
claude
دقّقه
لم تُكتشف مشكلات أمنية

إصدار التدقيق 1

آمن

Jan 10, 2026, 11:07 AM

Pure documentation skill with no executable code. Contains only markdown guidance and TypeScript code templates for Next.js App Router development patterns.

2
الملفات التي تم فحصها
402
الأسطر التي تم تحليلها
0
النتائج
claude
دقّقه
لم تُكتشف مشكلات أمنية