Historial de auditorías
omakase-off - 5 auditorías
Versión de auditoría 5
Más reciente Riesgo medioJun 27, 2026, 03:43 PM
Static analysis flagged many external command and weak-crypto patterns, but most are false positives from Markdown backticks, dependency names, and ordinary workflow text. The confirmed risk is operational: the skill instructs agents to create worktrees, write plans, and force-delete loser branches during cleanup. No evidence found of malicious network use, credential access, obfuscation, or prompt injection aimed at bypassing audit rules.
Confirmed security concerns (1)
Capability review items (3)
These are real local capabilities that may be expected for this skill, so they require review but are not counted as confirmed malicious behavior.
Factores de riesgo
📁 Acceso al sistema de archivos (3)
⚙️ Comandos externos (2)
Patrones detectados
Versión de auditoría 4
SeguroJan 21, 2026, 03:51 PM
All static findings are false positives. External command patterns in documentation are example git commands. High-risk crypto and C2 patterns are regex false positives triggered by benign words. This is a legitimate workflow orchestration skill.
Factores de riesgo
⚡ Contiene scripts (2)
Versión de auditoría 3
Riesgo medio Audit incompleteJan 16, 2026, 01:56 PM
AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.
This audit did not complete successfully. The quality score is capped until a successful audit is available.
Factores de riesgo
⚙️ Comandos externos (69)
🌐 Acceso a red (1)
Patrones detectados
Versión de auditoría 2
Riesgo medio Audit incompleteJan 16, 2026, 01:56 PM
AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.
This audit did not complete successfully. The quality score is capped until a successful audit is available.
Factores de riesgo
⚙️ Comandos externos (69)
🌐 Acceso a red (1)
Patrones detectados
Versión de auditoría 1
SeguroJan 10, 2026, 09:31 AM
Pure prompt-based orchestrator skill with no executable code. Contains only markdown workflow instructions for Claude. No scripts, network operations, filesystem access, or external command execution. Risk level is safe.