Audit-Verlauf - ai-runtime-memory

Audit-Version 5

Neueste Niedriges Risiko

Jan 17, 2026, 04:27 AM

All 345 static findings are FALSE POSITIVES. The scanner misidentified markdown code block delimiters as shell backticks, docstrings as cryptographic code, and YAML front matter as obfuscation. Actual code behavior: Python scripts only query local markdown files within the project directory. Shell scripts use standard utilities (date, find, grep) for file operations. No network access, credential handling, or external data transmission exists.

14

Gescannte Dateien

3,214

Analysierte Zeilen

4

befunde

claude

Auditiert von

Probleme mit niedrigem Risiko (1)

scripts/memory-query.sh:1-162

Bash script execution capability

The skill includes a bash script that executes shell commands. These commands (date, find, grep) are standard system utilities used for file operations within the skill directory. Script scope is limited to .ai-runtime/memory directory.

Risikofaktoren

⚡ Enthält Skripte (1)

scripts/memory-query.sh:1-162

📁 Dateisystemzugriff (1)

memory_discovery.py:80-93

⚙️ Externe Befehle (1)

scripts/memory-query.sh:83-92

Audit-Version 4

Niedriges Risiko

Jan 17, 2026, 04:27 AM

All 345 static findings are FALSE POSITIVES. The scanner misidentified markdown code block delimiters as shell backticks, docstrings as cryptographic code, and YAML front matter as obfuscation. Actual code behavior: Python scripts only query local markdown files within the project directory. Shell scripts use standard utilities (date, find, grep) for file operations. No network access, credential handling, or external data transmission exists.

14

Gescannte Dateien

3,214

Analysierte Zeilen

4

befunde

claude

Auditiert von

Probleme mit niedrigem Risiko (1)

scripts/memory-query.sh:1-162

Bash script execution capability

The skill includes a bash script that executes shell commands. These commands (date, find, grep) are standard system utilities used for file operations within the skill directory. Script scope is limited to .ai-runtime/memory directory.

Risikofaktoren

⚡ Enthält Skripte (1)

scripts/memory-query.sh:1-162

📁 Dateisystemzugriff (1)

memory_discovery.py:80-93

⚙️ Externe Befehle (1)

scripts/memory-query.sh:83-92

Audit-Version 3

Niedriges Risiko

Jan 10, 2026, 02:27 PM

Memory management system with minimal risk. Contains Python and bash scripts for querying markdown files within its own directory. Uses standard system utilities (find, grep, date) for file operations. No network access, no credential handling, no external data exfiltration.

13

Gescannte Dateien

1,800

Analysierte Zeilen

4

befunde

claude

Auditiert von

Probleme mit niedrigem Risiko (1)

scripts/memory-query.sh:1-162

Bash script execution capability

The skill includes a bash script (scripts/memory-query.sh) that executes shell commands. While these commands (find, grep, date) are standard system utilities used for file operations within the skill directory, bash scripts carry inherent risk if modified to include malicious commands. The script only operates within the memory directory structure.

Risikofaktoren

⚡ Enthält Skripte (1)

scripts/memory-query.sh:1-162

📁 Dateisystemzugriff (1)

memory_discovery.py:87-106

⚙️ Externe Befehle (1)

scripts/memory-query.sh:150-153

Audit-Version 2

Niedriges Risiko

Jan 10, 2026, 02:27 PM

Memory management system with minimal risk. Contains Python and bash scripts for querying markdown files within its own directory. Uses standard system utilities (find, grep, date) for file operations. No network access, no credential handling, no external data exfiltration.

13

Gescannte Dateien

1,800

Analysierte Zeilen

4

befunde

claude

Auditiert von

Probleme mit niedrigem Risiko (1)

scripts/memory-query.sh:1-162

Bash script execution capability

The skill includes a bash script (scripts/memory-query.sh) that executes shell commands. While these commands (find, grep, date) are standard system utilities used for file operations within the skill directory, bash scripts carry inherent risk if modified to include malicious commands. The script only operates within the memory directory structure.

Risikofaktoren

⚡ Enthält Skripte (1)

scripts/memory-query.sh:1-162

📁 Dateisystemzugriff (1)

memory_discovery.py:87-106

⚙️ Externe Befehle (1)

scripts/memory-query.sh:150-153

Audit-Version 1

Niedriges Risiko

Jan 10, 2026, 02:27 PM

Memory management system with minimal risk. Contains Python and bash scripts for querying markdown files within its own directory. Uses standard system utilities (find, grep, date) for file operations. No network access, no credential handling, no external data exfiltration.

13

Gescannte Dateien

1,800

Analysierte Zeilen

4

befunde

claude

Auditiert von

Probleme mit niedrigem Risiko (1)

scripts/memory-query.sh:1-162

Bash script execution capability

The skill includes a bash script (scripts/memory-query.sh) that executes shell commands. While these commands (find, grep, date) are standard system utilities used for file operations within the skill directory, bash scripts carry inherent risk if modified to include malicious commands. The script only operates within the memory directory structure.

Risikofaktoren

⚡ Enthält Skripte (1)

scripts/memory-query.sh:1-162

📁 Dateisystemzugriff (1)

memory_discovery.py:87-106

⚙️ Externe Befehle (1)

scripts/memory-query.sh:150-153