Historial de auditorías
css-development-validate - 4 auditorías
Versión de auditoría 4
Más reciente Riesgo bajoJun 27, 2026, 04:34 PM
Static analysis reported command execution, weak cryptography, and network reconnaissance patterns, but review found these are Markdown backticks, prose, and CSS example snippets. No executable scripts, network behavior, prompt injection, credential access, or malicious intent were found in SKILL.md. The skill is safe to publish with a low risk note for false-positive static detections.
Static false positives ignored (3)
These static matches were dismissed by semantic review or matched schema-only tokens, so they are shown for transparency but do not drive the quality score.
Versión de auditoría 3
SeguroJan 16, 2026, 01:23 PM
Pure documentation skill with no executable code. All 'external_commands' detections are markdown code examples showing CSS patterns, not actual shell commands. The skill only reads CSS files for validation as designed. No network, filesystem write, or command execution capabilities exist. Static scanner misidentified documentation examples as executable patterns.
Factores de riesgo
📁 Acceso al sistema de archivos (1)
Versión de auditoría 2
SeguroJan 16, 2026, 01:23 PM
Pure documentation skill with no executable code. All 'external_commands' detections are markdown code examples showing CSS patterns, not actual shell commands. The skill only reads CSS files for validation as designed. No network, filesystem write, or command execution capabilities exist. Static scanner misidentified documentation examples as executable patterns.
Factores de riesgo
📁 Acceso al sistema de archivos (1)
Versión de auditoría 1
SeguroJan 10, 2026, 09:16 AM
Pure prompt-based skill with no code execution capabilities. Only reads CSS files for validation as stated in its purpose. No network, filesystem write, or command execution capabilities.