Historial de auditorías
validate-requirements - 6 auditorías
Versión de auditoría 6
Más reciente Riesgo bajoJun 28, 2026, 04:32 AM
Static analysis reported command execution and weak cryptography, but the cited lines are Markdown fences, prose, and JSON examples. No shell execution, network access, secret handling, or cryptographic code is present. The skill does instruct the assistant to read saved project standards, so publication is acceptable with a low filesystem-access note.
Confirmed security concerns (1)
Static false positives ignored (2)
These static matches were dismissed by semantic review or matched schema-only tokens, so they are shown for transparency but do not drive the quality score.
Factores de riesgo
📁 Acceso al sistema de archivos (4)
Versión de auditoría 5
SeguroJan 16, 2026, 02:58 PM
Pure documentation skill with no executable code. Contains only markdown documentation defining how an AI should validate user input requirements. All 26 static findings are false positives: markdown code fences were misidentified as shell backticks, variable names with 'Rules' were flagged as crypto algorithms, and the GitHub source URL was flagged as hardcoded network address. Previous audit correctly classified this as safe with no dangerous patterns.
Factores de riesgo
⚙️ Comandos externos (8)
Versión de auditoría 4
SeguroJan 16, 2026, 02:58 PM
Pure documentation skill with no executable code. Contains only markdown documentation defining how an AI should validate user input requirements. All 26 static findings are false positives: markdown code fences were misidentified as shell backticks, variable names with 'Rules' were flagged as crypto algorithms, and the GitHub source URL was flagged as hardcoded network address. Previous audit correctly classified this as safe with no dangerous patterns.
Factores de riesgo
⚙️ Comandos externos (8)
Versión de auditoría 3
SeguroJan 10, 2026, 10:08 AM
Pure documentation skill with no executable code. Contains only markdown documentation defining how an AI should validate user input requirements. No network calls, no command execution, no sensitive data access beyond intended scope.
Versión de auditoría 2
SeguroJan 10, 2026, 10:08 AM
Pure documentation skill with no executable code. Contains only markdown documentation defining how an AI should validate user input requirements. No network calls, no command execution, no sensitive data access beyond intended scope.
Versión de auditoría 1
SeguroJan 10, 2026, 10:08 AM
Pure documentation skill with no executable code. Contains only markdown documentation defining how an AI should validate user input requirements. No network calls, no command execution, no sensitive data access beyond intended scope.