
Audit history

sharepoint-audit - 6 audits

Audit version 6

Latest: Medium risk

Jun 28, 2026, 10:10 AM

Static analysis correctly identified local PowerShell and Python command execution guidance, which is central to this SharePoint audit workflow. Several high-severity matches are contextual mentions or Markdown formatting false positives, and no prompt injection or malicious exfiltration intent was found. Publish with a warning because the skill handles secrets, installs modules, and produces sensitive SharePoint audit reports.

Files scanned: 1
Lines analyzed: 26
Findings: 7
Audited by: codex
Medium-risk issues (3)
Local External Command Execution Workflow
The skill instructs the assistant to run local PowerShell and Python audit commands. This is expected for the tool, but it can execute repository code on the operator's machine and should only be run from a trusted checkout.
Sensitive Credential and Report Handling
The workflow asks for tenant and application identifiers, a PFX path, and an environment variable holding the PFX password, then generates reports that the skill itself labels as sensitive. Mishandling the local workspace or logs could expose SharePoint access data.
Module Installation May Use Network Access
The skill permits internet access for module installation and provides a PowerShell install command. This can be legitimate, but operators should review module sources and avoid running installs in untrusted environments.
Low-risk issues (3)
Ruby Backtick Execution Detections Are Markdown Formatting
The static Ruby backtick findings occur in Markdown instruction text and inline command formatting, not in Ruby source code. The underlying local command guidance is assessed separately as external command risk.
PowerShell Mentions Without Invocation Are Contextual
Some PowerShell static matches are descriptive requirements rather than command execution. They explain prerequisites for the audit workflow and do not independently invoke a shell.
Weak Cryptography Detection Is a YAML Syntax False Positive
The weak cryptography alert points to the YAML folded-description marker. No evidence of MD5, SHA1, DES, RC4, or another weak algorithm was found in SKILL.md.

Risk factors

⚙️ External commands (2)

Detected patterns

PowerShell and Python Shell Commands

Audit version 5

Low risk

Jan 16, 2026, 03:54 PM

Legitimate SharePoint permission audit tool. Static findings are false positives: the tool requires command execution, network access, and credential handling because these are necessary capabilities for a security auditing tool. All operations are documented, local-only, and follow security-conscious practices (credentials from env vars, no secret echoing, explicit warnings about sensitive report data).

Files scanned: 2
Lines analyzed: 264
Findings: 5
Audited by: claude
Low-risk issues (2)
External command execution capability
The skill instructs users to execute local shell commands, including PowerShell and Python scripts. This is the legitimate purpose of the skill, but it enables code execution if misused.
Environment variable access for secrets
The skill reads the PFX password from the environment variable PFX_PASS. This is appropriate for the use case but involves credential handling.

Risk factors

⚙️ External commands (1)
📁 File system access (1)
🔑 Environment variables (1)

Audit version 4

Low risk

Jan 16, 2026, 03:54 PM

Legitimate SharePoint permission audit tool. Static findings are false positives: the tool requires command execution, network access, and credential handling because these are necessary capabilities for a security auditing tool. All operations are documented, local-only, and follow security-conscious practices (credentials from env vars, no secret echoing, explicit warnings about sensitive report data).

Files scanned: 2
Lines analyzed: 264
Findings: 5
Audited by: claude
Low-risk issues (2)
External command execution capability
The skill instructs users to execute local shell commands, including PowerShell and Python scripts. This is the legitimate purpose of the skill, but it enables code execution if misused.
Environment variable access for secrets
The skill reads the PFX password from the environment variable PFX_PASS. This is appropriate for the use case but involves credential handling.

Risk factors

⚙️ External commands (1)
📁 File system access (1)
🔑 Environment variables (1)

Audit version 3

Low risk

Jan 10, 2026, 10:20 AM

Prompt-based skill that provides instructions for running SharePoint audit scripts locally. Includes security-conscious rules and is appropriate for its stated administrative purpose.

Files scanned: 1
Lines analyzed: 26
Findings: 5
Audited by: claude
Low-risk issues (2)
External command execution capability
The skill instructs users to execute local shell commands, including PowerShell and Python scripts. This is the legitimate purpose of the skill, but it enables code execution if misused. Quote from SKILL.md lines 18-19: 'pwsh ./sharepoint-audit-agent/agent/powershell/Install-Modules.ps1' and 'python ./sharepoint-audit-agent/agent/python/audit_agent.py … --output ./runs'
Environment variable access for secrets
The skill reads the PFX password from the environment variable PFX_PASS. Quote from SKILL.md line 24: 'Never echo secrets. Read PFX password from env var.' This is appropriate for the use case but involves credential handling.

Risk factors

⚙️ External commands (1)
📁 File system access (1)
🔑 Environment variables (1)

Audit version 2

Low risk

Jan 10, 2026, 10:20 AM

Prompt-based skill that provides instructions for running SharePoint audit scripts locally. Includes security-conscious rules and is appropriate for its stated administrative purpose.

Files scanned: 1
Lines analyzed: 26
Findings: 5
Audited by: claude
Low-risk issues (2)
External command execution capability
The skill instructs users to execute local shell commands, including PowerShell and Python scripts. This is the legitimate purpose of the skill, but it enables code execution if misused. Quote from SKILL.md lines 18-19: 'pwsh ./sharepoint-audit-agent/agent/powershell/Install-Modules.ps1' and 'python ./sharepoint-audit-agent/agent/python/audit_agent.py … --output ./runs'
Environment variable access for secrets
The skill reads the PFX password from the environment variable PFX_PASS. Quote from SKILL.md line 24: 'Never echo secrets. Read PFX password from env var.' This is appropriate for the use case but involves credential handling.

Risk factors

⚙️ External commands (1)
📁 File system access (1)
🔑 Environment variables (1)

Audit version 1

Low risk

Jan 10, 2026, 10:20 AM

Prompt-based skill that provides instructions for running SharePoint audit scripts locally. Includes security-conscious rules and is appropriate for its stated administrative purpose.

Files scanned: 1
Lines analyzed: 26
Findings: 5
Audited by: claude
Low-risk issues (2)
External command execution capability
The skill instructs users to execute local shell commands, including PowerShell and Python scripts. This is the legitimate purpose of the skill, but it enables code execution if misused. Quote from SKILL.md lines 18-19: 'pwsh ./sharepoint-audit-agent/agent/powershell/Install-Modules.ps1' and 'python ./sharepoint-audit-agent/agent/python/audit_agent.py … --output ./runs'
Environment variable access for secrets
The skill reads the PFX password from the environment variable PFX_PASS. Quote from SKILL.md line 24: 'Never echo secrets. Read PFX password from env var.' This is appropriate for the use case but involves credential handling.

Risk factors

⚙️ External commands (1)
📁 File system access (1)
🔑 Environment variables (1)