Audit-Verlauf

All 416 static findings are false positives. The scanner misinterpreted documentation keywords in markdown templates as security issues (e.g., 'SAM' as Windows Security Accounts Manager, cryptographic terms in QMS documentation). This is a legitimate ISO 13485 documentation toolkit containing templates and a local Python analysis script with no network access or credential handling.

All 416 static findings are false positives. The scanner misinterpreted documentation keywords in markdown templates as security issues (e.g., 'SAM' as Windows Security Accounts Manager, cryptographic terms in QMS documentation). This is a legitimate ISO 13485 documentation toolkit containing templates and a local Python analysis script with no network access or credential handling.

This is a legitimate ISO 13485 documentation toolkit for medical device manufacturers. All 404 static findings are FALSE POSITIVES caused by pattern matching on documentation content. The Python script only reads/writes files locally and performs keyword analysis. No network access, credential access, or command execution.

Legitimate ISO 13485 documentation toolkit. Contains one local Python script that scans user-provided documents for compliance keywords and generates reports. No network calls, no credential access, no environment harvesting. All file I/O is scoped to user-specified directories. Fully consistent with stated documentation assistance purpose.