Historique des audits
matchms - 4 audits
Version de l’audit 4
Dernier SûrJan 17, 2026, 06:24 AM
All 268 static findings are false positives. The analyzer incorrectly flagged markdown code blocks (backticks) as shell execution, InChIKey descriptions as cryptographic algorithms, scientific database URLs as network reconnaissance, and legitimate Python code examples as malicious patterns. Matchms is a legitimate open-source mass spectrometry library for metabolomics research.
Facteurs de risque
⚡ Contient des scripts (2)
⚙️ Commandes externes (3)
🌐 Accès réseau (3)
📁 Accès au système de fichiers (1)
Version de l’audit 3
SûrJan 17, 2026, 06:24 AM
All 268 static findings are false positives. The analyzer incorrectly flagged markdown code blocks (backticks) as shell execution, InChIKey descriptions as cryptographic algorithms, scientific database URLs as network reconnaissance, and legitimate Python code examples as malicious patterns. Matchms is a legitimate open-source mass spectrometry library for metabolomics research.
Facteurs de risque
⚡ Contient des scripts (2)
⚙️ Commandes externes (3)
🌐 Accès réseau (3)
📁 Accès au système de fichiers (1)
Version de l’audit 2
SûrJan 12, 2026, 05:08 PM
The static analyzer incorrectly flagged documentation code blocks as security issues. All findings are false positives - the 'weak cryptographic algorithm' and 'external commands' alerts stem from markdown documentation containing code examples and legitimate URLs to scientific resources. No actual security risks were found.
Facteurs de risque
⚡ Contient des scripts (1)
⚙️ Commandes externes (1)
🌐 Accès réseau (1)
Version de l’audit 1
SûrJan 4, 2026, 04:58 PM
Documentation-only skill containing markdown guides and code examples for the matchms Python library. No executable code, no credential access, no network exfiltration. Pure prompt-based guidance.