Fähigkeiten ppt-editing-skill Audit-Verlauf
📦

Audit-Verlauf

ppt-editing-skill - 2 Audits

Audit-Version 2

Neueste Mittleres Risiko

May 27, 2026, 08:52 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

1
Gescannte Dateien
194
Analysierte Zeilen
2
befunde
claude
Auditiert von
Keine Sicherheitsprobleme gefunden

Risikofaktoren

⚙️ Externe Befehle (55)
SKILL.md:14-17 SKILL.md:17-18 SKILL.md:18-38 SKILL.md:38-39 SKILL.md:39-40 SKILL.md:40-43 SKILL.md:43-52 SKILL.md:52-54 SKILL.md:54-56 SKILL.md:56-58 SKILL.md:58-64 SKILL.md:64-66 SKILL.md:66-74 SKILL.md:74-75 SKILL.md:75-76 SKILL.md:76-77 SKILL.md:77-80 SKILL.md:80-83 SKILL.md:83 SKILL.md:83 SKILL.md:83-91 SKILL.md:91 SKILL.md:91-93 SKILL.md:93-95 SKILL.md:95 SKILL.md:95-97 SKILL.md:97-117 SKILL.md:117 SKILL.md:117-121 SKILL.md:121 SKILL.md:121-122 SKILL.md:122 SKILL.md:122-133 SKILL.md:133-138 SKILL.md:138-145 SKILL.md:145-148 SKILL.md:148-152 SKILL.md:152-155 SKILL.md:155-169 SKILL.md:169-171 SKILL.md:171 SKILL.md:171-179 SKILL.md:179-181 SKILL.md:181-185 SKILL.md:185 SKILL.md:185-186 SKILL.md:186 SKILL.md:186-187 SKILL.md:187 SKILL.md:187-188 SKILL.md:188 SKILL.md:188-192 SKILL.md:192 SKILL.md:192-193 SKILL.md:193
📁 Dateisystemzugriff (6)
SKILL.md:150 SKILL.md:158 SKILL.md:162 SKILL.md:166 SKILL.md:83 SKILL.md:83

Erkannte Muster

Ruby/shell backtick executionPath traversal sequenceTemp directory accessPython archive librariesWeak cryptographic algorithm

Audit-Version 1

Niedriges Risiko

Apr 16, 2026, 07:23 AM

Static analyzer flagged 75 patterns, but all are false positives. The 55 external_commands flags misidentified markdown code fence delimiters as Ruby backtick execution. The 4 path traversal flags misread XML formatting examples. The 14 weak crypto flags misidentified XML hex entity references. Real risks are limited to expected external command usage (cp, python, markitdown) and filesystem access for PPTX unpacking and repacking, both legitimate for this skill's purpose.

1
Gescannte Dateien
194
Analysierte Zeilen
4
befunde
claude
Auditiert von
Probleme mit niedrigem Risiko (2)
SKILL.md:14-17SKILL.md:54-56SKILL.md:74-77
External Command Execution
Skill instructs agents to run shell commands (cp, python -m markitdown) and reference Python scripts (unpack.py, add_slide.py, clean.py, pack.py) for PPTX manipulation. Commands are hardcoded with no user input injection vectors.
SKILL.md:15SKILL.md:55SKILL.md:83
Filesystem Read and Write Access
Skill reads user-provided PPTX files and writes to the working directory and /tmp/ for intermediate processing. File paths are user-provided but operations are limited to copy, extract, and repack PPTX archives.

Risikofaktoren

⚙️ Externe Befehle (3)
SKILL.md:14-17 SKILL.md:54-56 SKILL.md:74-77
📁 Dateisystemzugriff (3)
SKILL.md:83 SKILL.md:15 SKILL.md:55
← Zurück zum Skill