Fähigkeiten research-lookup Audit-Verlauf
🔬

Audit-Verlauf

research-lookup - 4 Audits

Audit-Version 4

Neueste Niedriges Risiko

Jan 17, 2026, 06:22 AM

This is a legitimate academic research tool that makes API calls to OpenRouter for literature searches. All 146 static findings are false positives: (1) API key environment reads are standard authentication for OPENROUTER_API_KEY, (2) network calls target the legitimate OpenRouter API endpoint, (3) 'external commands' flagged in SKILL.md are documentation examples showing command syntax, not runtime code execution, and (4) 'weak cryptographic algorithm' mentions are ML architecture names (transformer, RNN) misidentified as cryptographic algorithms. No malicious patterns detected after intent analysis.

6
Gescannte Dateien
2,314
Analysierte Zeilen
4
befunde
claude
Auditiert von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

🔑 Umgebungsvariablen (4)
scripts/research_lookup.py:44-46 scripts/lookup.py:152-155 scripts/examples.py:133-136 scripts/examples.py:152
🌐 Netzwerkzugriff (7)
scripts/research_lookup.py:48-53 scripts/research_lookup.py:88 scripts/research_lookup.py:102 scripts/research_lookup.py:110 scripts/research_lookup.py:191 scripts/research_lookup.py:323 scripts/research_lookup.py:341
📁 Dateisystemzugriff (1)
scripts/research_lookup.py:371
⚙️ Externe Befehle (4)
SKILL.md:41-43 SKILL.md:70-76 SKILL.md:89-95 SKILL.md:108-114

Audit-Version 3

Niedriges Risiko

Jan 17, 2026, 06:22 AM

This is a legitimate academic research tool that makes API calls to OpenRouter for literature searches. All 146 static findings are false positives: (1) API key environment reads are standard authentication for OPENROUTER_API_KEY, (2) network calls target the legitimate OpenRouter API endpoint, (3) 'external commands' flagged in SKILL.md are documentation examples showing command syntax, not runtime code execution, and (4) 'weak cryptographic algorithm' mentions are ML architecture names (transformer, RNN) misidentified as cryptographic algorithms. No malicious patterns detected after intent analysis.

6
Gescannte Dateien
2,314
Analysierte Zeilen
4
befunde
claude
Auditiert von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

🔑 Umgebungsvariablen (4)
scripts/research_lookup.py:44-46 scripts/lookup.py:152-155 scripts/examples.py:133-136 scripts/examples.py:152
🌐 Netzwerkzugriff (7)
scripts/research_lookup.py:48-53 scripts/research_lookup.py:88 scripts/research_lookup.py:102 scripts/research_lookup.py:110 scripts/research_lookup.py:191 scripts/research_lookup.py:323 scripts/research_lookup.py:341
📁 Dateisystemzugriff (1)
scripts/research_lookup.py:371
⚙️ Externe Befehle (4)
SKILL.md:41-43 SKILL.md:70-76 SKILL.md:89-95 SKILL.md:108-114

Audit-Version 2

Sicher

Jan 12, 2026, 04:44 PM

This is a legitimate academic research tool that makes API calls to OpenRouter for literature searches. The static scanner flagged 127 potential issues, but all are false positives: (1) API key environment reads are standard authentication, (2) network calls target the legitimate OpenRouter API, (3) 'external commands' flagged in SKILL.md are documentation examples, not code, and (4) 'weak cryptographic algorithm' mentions are ML architecture names (transformer, RNN) misidentified as crypto. No malicious patterns detected.

4
Gescannte Dateien
1,346
Analysierte Zeilen
4
befunde
claude
Auditiert von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

🔑 Umgebungsvariablen (27)
scripts/examples.py:152 scripts/examples.py:135 scripts/examples.py:135 scripts/examples.py:133 scripts/examples.py:135 scripts/examples.py:136 scripts/examples.py:152 scripts/lookup.py:152 scripts/lookup.py:152 scripts/lookup.py:152 scripts/lookup.py:153 scripts/lookup.py:155 scripts/lookup.py:155 scripts/research_lookup.py:44 scripts/research_lookup.py:381 scripts/research_lookup.py:44 scripts/research_lookup.py:381 scripts/research_lookup.py:44 scripts/research_lookup.py:44 scripts/research_lookup.py:45 scripts/research_lookup.py:46 scripts/research_lookup.py:51 scripts/research_lookup.py:381 scripts/research_lookup.py:382 scripts/research_lookup.py:384 scripts/research_lookup.py:384 SKILL.md:248
🌐 Netzwerkzugriff (10)
scripts/research_lookup.py:88 scripts/research_lookup.py:191 scripts/research_lookup.py:102 scripts/research_lookup.py:110 scripts/research_lookup.py:323 scripts/research_lookup.py:341 scripts/research_lookup.py:48 scripts/research_lookup.py:53 scripts/research_lookup.py:290 scripts/research_lookup.py:303
📁 Dateisystemzugriff (1)
scripts/research_lookup.py:371
⚙️ Externe Befehle (64)
SKILL.md:41-43 SKILL.md:43-70 SKILL.md:70-76 SKILL.md:76-89 SKILL.md:89-95 SKILL.md:95-108 SKILL.md:108-114 SKILL.md:114-127 SKILL.md:127-133 SKILL.md:133-148 SKILL.md:148-158 SKILL.md:158-174 SKILL.md:174 SKILL.md:174 SKILL.md:174 SKILL.md:174 SKILL.md:174 SKILL.md:174-175 SKILL.md:175 SKILL.md:175 SKILL.md:175 SKILL.md:175 SKILL.md:175 SKILL.md:175-176 SKILL.md:176 SKILL.md:176 SKILL.md:176 SKILL.md:176-177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177-178 SKILL.md:178 SKILL.md:178 SKILL.md:178 SKILL.md:178-179 SKILL.md:179 SKILL.md:179 SKILL.md:179 SKILL.md:179 SKILL.md:179-180 SKILL.md:180 SKILL.md:180 SKILL.md:180 SKILL.md:180 SKILL.md:180-181 SKILL.md:181 SKILL.md:181 SKILL.md:181-206 SKILL.md:206-208 SKILL.md:208-217 SKILL.md:217-220 SKILL.md:220-229 SKILL.md:229-239 SKILL.md:239-240 SKILL.md:240-242 SKILL.md:242-248 SKILL.md:248-293 SKILL.md:293-310 SKILL.md:310-312

Audit-Version 1

Niedriges Risiko

Jan 5, 2026, 04:14 PM

Legitimate research lookup skill. Makes API calls to OpenRouter for Perplexity Sonar models. Reads OPENROUTER_API_KEY for authentication. No suspicious patterns detected.

6
Gescannte Dateien
1,226
Analysierte Zeilen
2
befunde
claude
Auditiert von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

🌐 Netzwerkzugriff (2)
scripts/research_lookup.py:102-107 scripts/research_lookup.py:305-308
🔑 Umgebungsvariablen (2)
scripts/research_lookup.py:44-46 scripts/research_lookup.py:330-331
← Zurück zum Skill