Skills github-issues Audit-Verlauf
📦

Audit-Verlauf

github-issues - 6 Audits

Audit-Version 6

Neueste Mittleres Risiko

Jun 28, 2026, 07:27 PM

Static analysis produced many high-risk pattern matches, but targeted review found Markdown examples and maintainer workflow guidance rather than hidden executable code or malicious intent. The skill is publishable with a medium warning because it guides state-changing gh and git commands and includes limited external documentation lookup.

2
Gescannte Dateien
1,585
Analysierte Zeilen
6
befunde
codex
Geprüft von
Probleme mit mittlerem Risiko (1)
SKILL.md:391-452SKILL.md:520-587examples.md:196-220examples.md:340-356examples.md:463-479
State-Changing GitHub and Git Commands
The skill provides legitimate maintainer workflows, but it repeatedly instructs use of gh and git commands that can label, comment on, close issues, create branches, push changes, and open pull requests. This is not malicious, but users should review commands before execution because they can modify repository and GitHub state.
Probleme mit niedrigem Risiko (3)
SKILL.md:64-75SKILL.md:387-452examples.md:11-23examples.md:60-64examples.md:568-610
Static External-Command Matches Are Documentation Examples
The static analyzer labeled many Markdown backticks as Ruby or shell execution. Review found fenced examples and inline command references, not executable Ruby code or bundled scripts. The commands are still operational guidance, so the real concern is user-approved command execution rather than hidden code execution.
SKILL.md:3SKILL.md:116-126SKILL.md:516examples.md:37-44examples.md:244-247
Weak-Crypto and Reconnaissance Matches Are False Positives
The weak-cryptography hits correspond to ordinary words such as issue workflow text, labels, or placeholder commit hashes, not MD5, SHA1, or cryptographic implementation. The reconnaissance hits are project-maintenance searches like grep, ls, git log, and gh issue list used to validate reports.
examples.md:143-144SKILL.md:672-675
Limited External Documentation Lookup
The only network indicator reviewed is a Schema.org reference used to validate a property definition. This is expected for issue triage, but users should avoid sending private issue contents to external sites unless needed.

Risikofaktoren

⚙️ Externe Befehle (11)
SKILL.md:13 SKILL.md:64-75 SKILL.md:391-452 SKILL.md:454-518 SKILL.md:520-587 examples.md:11-23 examples.md:60-64 examples.md:196-220 examples.md:340-356 examples.md:463-479 examples.md:568-610
🌐 Netzwerkzugriff (2)
examples.md:143-144 SKILL.md:672-675

Erkannte Muster

State-Changing GitHub and Git Commands

Audit-Version 5

Sicher

Jan 16, 2026, 08:25 PM

This skill is pure documentation containing only markdown workflows, templates, and CLI command examples for GitHub issue management. All 262 static findings are FALSE POSITIVES. The flagged patterns are bash documentation examples (not executable Ruby/shell code), standard git/gh CLI commands for legitimate operations, and harmless documentation URLs. No executable code, scripts, or malicious operations exist.

3
Gescannte Dateien
1,771
Analysierte Zeilen
2
befunde
claude
Geprüft von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

⚙️ Externe Befehle (218)
examples.md:11-23 examples.md:23-27 examples.md:27-35 examples.md:35-58 examples.md:58-61 examples.md:61-64 examples.md:64-74 examples.md:74-86 examples.md:86-90 examples.md:90-97 examples.md:97-109 examples.md:109-122 examples.md:122-125 examples.md:125-128 examples.md:128-138 examples.md:138-156 examples.md:156-160 examples.md:160-168 examples.md:168-169 examples.md:169-174 examples.md:174-186 examples.md:186 examples.md:186-191 examples.md:191 examples.md:191 examples.md:191-194 examples.md:194-197 examples.md:197-221 examples.md:221-231 examples.md:231-247 examples.md:247-251 examples.md:251-269 examples.md:269-280 examples.md:280-297 examples.md:297-313 examples.md:313-314 examples.md:314-315 examples.md:315-316 examples.md:316-323 examples.md:323 examples.md:323 examples.md:323 examples.md:323-338 examples.md:338-341 examples.md:341-356 examples.md:356-366 examples.md:366-387 examples.md:387-391 examples.md:391-400 examples.md:400-423 examples.md:423-436 examples.md:436-439 examples.md:439-445 examples.md:445-446 examples.md:446-447 examples.md:447-448 examples.md:448-452 examples.md:452 examples.md:452 examples.md:452-461 examples.md:461-464 examples.md:464-479 examples.md:479-489 examples.md:489-500 examples.md:500-504 examples.md:504-513 examples.md:513-525 examples.md:525-533 examples.md:533-537 examples.md:537-539 examples.md:539-548 examples.md:548 examples.md:548-551 examples.md:551-554 examples.md:554-560 examples.md:560-568 examples.md:568-574 examples.md:574-578 examples.md:578-586 examples.md:586-590 examples.md:590-596 examples.md:596-600 examples.md:600-610 examples.md:610-616 examples.md:616-642 SKILL.md:13 SKILL.md:45 SKILL.md:45 SKILL.md:45 SKILL.md:45 SKILL.md:46 SKILL.md:46 SKILL.md:46 SKILL.md:47 SKILL.md:47 SKILL.md:47 SKILL.md:48 SKILL.md:48 SKILL.md:48 SKILL.md:49 SKILL.md:49 SKILL.md:49 SKILL.md:65-75 SKILL.md:75-78 SKILL.md:78-85 SKILL.md:85-88 SKILL.md:88-93 SKILL.md:93-96 SKILL.md:96-102 SKILL.md:102-134 SKILL.md:134-159 SKILL.md:159 SKILL.md:159 SKILL.md:159-160 SKILL.md:160-163 SKILL.md:163-189 SKILL.md:189-192 SKILL.md:192-218 SKILL.md:218-223 SKILL.md:223-239 SKILL.md:239-246 SKILL.md:246-262 SKILL.md:262-265 SKILL.md:265-289 SKILL.md:289 SKILL.md:289-290 SKILL.md:290-293 SKILL.md:293-321 SKILL.md:321-322 SKILL.md:322-323 SKILL.md:323-327 SKILL.md:327-328 SKILL.md:328-329 SKILL.md:329-338 SKILL.md:338 SKILL.md:338 SKILL.md:338-345 SKILL.md:345-350 SKILL.md:350-363 SKILL.md:363 SKILL.md:363-366 SKILL.md:366-371 SKILL.md:371-380 SKILL.md:380-384 SKILL.md:384 SKILL.md:384-385 SKILL.md:385-391 SKILL.md:391-406 SKILL.md:406-410 SKILL.md:410-419 SKILL.md:419-423 SKILL.md:423-429 SKILL.md:429-433 SKILL.md:433-442 SKILL.md:442-446 SKILL.md:446-452 SKILL.md:452-460 SKILL.md:460-518 SKILL.md:518-524 SKILL.md:524-562 SKILL.md:562-566 SKILL.md:566-573 SKILL.md:573-577 SKILL.md:577-587 SKILL.md:587-595 SKILL.md:595-596 SKILL.md:596-597 SKILL.md:597-598 SKILL.md:598-599 SKILL.md:599-600 SKILL.md:600-606 SKILL.md:606-607 SKILL.md:607-608 SKILL.md:608-614 SKILL.md:614-615 SKILL.md:615-616 SKILL.md:616-617 SKILL.md:617-623 SKILL.md:623-624 SKILL.md:624-625 SKILL.md:625-626 SKILL.md:626-627 SKILL.md:627-628 SKILL.md:628-629 SKILL.md:629-635 SKILL.md:635-636 SKILL.md:636-637 SKILL.md:637-638 SKILL.md:638-639 SKILL.md:639-645 SKILL.md:645-662 SKILL.md:662-663 SKILL.md:663-667 SKILL.md:667-678 SKILL.md:678-679 SKILL.md:679-680 SKILL.md:680-697 SKILL.md:697-701 SKILL.md:701-713 SKILL.md:713-717 SKILL.md:717-737 SKILL.md:737-743 SKILL.md:743-755 SKILL.md:755-759 SKILL.md:759-767 SKILL.md:767-771 SKILL.md:771-778 SKILL.md:778-782 SKILL.md:782-785 SKILL.md:785-810 SKILL.md:810-813 SKILL.md:813-834 SKILL.md:834-837 SKILL.md:837-852 SKILL.md:852-858 SKILL.md:858-869 SKILL.md:869-873 SKILL.md:873-883
🌐 Netzwerkzugriff (1)
examples.md:144

Audit-Version 4

Sicher

Jan 16, 2026, 08:25 PM

This skill is pure documentation containing only markdown workflows, templates, and CLI command examples for GitHub issue management. All 262 static findings are FALSE POSITIVES. The flagged patterns are bash documentation examples (not executable Ruby/shell code), standard git/gh CLI commands for legitimate operations, and harmless documentation URLs. No executable code, scripts, or malicious operations exist.

3
Gescannte Dateien
1,771
Analysierte Zeilen
2
befunde
claude
Geprüft von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

⚙️ Externe Befehle (218)
examples.md:11-23 examples.md:23-27 examples.md:27-35 examples.md:35-58 examples.md:58-61 examples.md:61-64 examples.md:64-74 examples.md:74-86 examples.md:86-90 examples.md:90-97 examples.md:97-109 examples.md:109-122 examples.md:122-125 examples.md:125-128 examples.md:128-138 examples.md:138-156 examples.md:156-160 examples.md:160-168 examples.md:168-169 examples.md:169-174 examples.md:174-186 examples.md:186 examples.md:186-191 examples.md:191 examples.md:191 examples.md:191-194 examples.md:194-197 examples.md:197-221 examples.md:221-231 examples.md:231-247 examples.md:247-251 examples.md:251-269 examples.md:269-280 examples.md:280-297 examples.md:297-313 examples.md:313-314 examples.md:314-315 examples.md:315-316 examples.md:316-323 examples.md:323 examples.md:323 examples.md:323 examples.md:323-338 examples.md:338-341 examples.md:341-356 examples.md:356-366 examples.md:366-387 examples.md:387-391 examples.md:391-400 examples.md:400-423 examples.md:423-436 examples.md:436-439 examples.md:439-445 examples.md:445-446 examples.md:446-447 examples.md:447-448 examples.md:448-452 examples.md:452 examples.md:452 examples.md:452-461 examples.md:461-464 examples.md:464-479 examples.md:479-489 examples.md:489-500 examples.md:500-504 examples.md:504-513 examples.md:513-525 examples.md:525-533 examples.md:533-537 examples.md:537-539 examples.md:539-548 examples.md:548 examples.md:548-551 examples.md:551-554 examples.md:554-560 examples.md:560-568 examples.md:568-574 examples.md:574-578 examples.md:578-586 examples.md:586-590 examples.md:590-596 examples.md:596-600 examples.md:600-610 examples.md:610-616 examples.md:616-642 SKILL.md:13 SKILL.md:45 SKILL.md:45 SKILL.md:45 SKILL.md:45 SKILL.md:46 SKILL.md:46 SKILL.md:46 SKILL.md:47 SKILL.md:47 SKILL.md:47 SKILL.md:48 SKILL.md:48 SKILL.md:48 SKILL.md:49 SKILL.md:49 SKILL.md:49 SKILL.md:65-75 SKILL.md:75-78 SKILL.md:78-85 SKILL.md:85-88 SKILL.md:88-93 SKILL.md:93-96 SKILL.md:96-102 SKILL.md:102-134 SKILL.md:134-159 SKILL.md:159 SKILL.md:159 SKILL.md:159-160 SKILL.md:160-163 SKILL.md:163-189 SKILL.md:189-192 SKILL.md:192-218 SKILL.md:218-223 SKILL.md:223-239 SKILL.md:239-246 SKILL.md:246-262 SKILL.md:262-265 SKILL.md:265-289 SKILL.md:289 SKILL.md:289-290 SKILL.md:290-293 SKILL.md:293-321 SKILL.md:321-322 SKILL.md:322-323 SKILL.md:323-327 SKILL.md:327-328 SKILL.md:328-329 SKILL.md:329-338 SKILL.md:338 SKILL.md:338 SKILL.md:338-345 SKILL.md:345-350 SKILL.md:350-363 SKILL.md:363 SKILL.md:363-366 SKILL.md:366-371 SKILL.md:371-380 SKILL.md:380-384 SKILL.md:384 SKILL.md:384-385 SKILL.md:385-391 SKILL.md:391-406 SKILL.md:406-410 SKILL.md:410-419 SKILL.md:419-423 SKILL.md:423-429 SKILL.md:429-433 SKILL.md:433-442 SKILL.md:442-446 SKILL.md:446-452 SKILL.md:452-460 SKILL.md:460-518 SKILL.md:518-524 SKILL.md:524-562 SKILL.md:562-566 SKILL.md:566-573 SKILL.md:573-577 SKILL.md:577-587 SKILL.md:587-595 SKILL.md:595-596 SKILL.md:596-597 SKILL.md:597-598 SKILL.md:598-599 SKILL.md:599-600 SKILL.md:600-606 SKILL.md:606-607 SKILL.md:607-608 SKILL.md:608-614 SKILL.md:614-615 SKILL.md:615-616 SKILL.md:616-617 SKILL.md:617-623 SKILL.md:623-624 SKILL.md:624-625 SKILL.md:625-626 SKILL.md:626-627 SKILL.md:627-628 SKILL.md:628-629 SKILL.md:629-635 SKILL.md:635-636 SKILL.md:636-637 SKILL.md:637-638 SKILL.md:638-639 SKILL.md:639-645 SKILL.md:645-662 SKILL.md:662-663 SKILL.md:663-667 SKILL.md:667-678 SKILL.md:678-679 SKILL.md:679-680 SKILL.md:680-697 SKILL.md:697-701 SKILL.md:701-713 SKILL.md:713-717 SKILL.md:717-737 SKILL.md:737-743 SKILL.md:743-755 SKILL.md:755-759 SKILL.md:759-767 SKILL.md:767-771 SKILL.md:771-778 SKILL.md:778-782 SKILL.md:782-785 SKILL.md:785-810 SKILL.md:810-813 SKILL.md:813-834 SKILL.md:834-837 SKILL.md:837-852 SKILL.md:852-858 SKILL.md:858-869 SKILL.md:869-873 SKILL.md:873-883
🌐 Netzwerkzugriff (1)
examples.md:144

Audit-Version 3

Sicher

Jan 10, 2026, 11:53 AM

Pure prompt-based skill containing only documentation and workflow instructions. No executable code, scripts, or network operations. Uses standard gh CLI commands documented in plain text. Capabilities directly match stated purpose of GitHub issues management.

2
Gescannte Dateien
1,585
Analysierte Zeilen
0
befunde
claude
Geprüft von
Keine Sicherheitsprobleme gefunden

Audit-Version 2

Sicher

Jan 10, 2026, 11:53 AM

Pure prompt-based skill containing only documentation and workflow instructions. No executable code, scripts, or network operations. Uses standard gh CLI commands documented in plain text. Capabilities directly match stated purpose of GitHub issues management.

2
Gescannte Dateien
1,585
Analysierte Zeilen
0
befunde
claude
Geprüft von
Keine Sicherheitsprobleme gefunden

Audit-Version 1

Sicher

Jan 10, 2026, 11:53 AM

Pure prompt-based skill containing only documentation and workflow instructions. No executable code, scripts, or network operations. Uses standard gh CLI commands documented in plain text. Capabilities directly match stated purpose of GitHub issues management.

2
Gescannte Dateien
1,585
Analysierte Zeilen
0
befunde
claude
Geprüft von
Keine Sicherheitsprobleme gefunden
← Zurück zum Skill