Historial de auditorías
writing-bots - 6 auditorías
Versión de auditoría 6
Más reciente Riesgo medioJun 28, 2026, 09:51 AM
Static analysis correctly identified network access, environment-variable guidance, and external command examples, but the weak cryptography and Ruby backtick alerts are false positives from Markdown prose. The skill has legitimate blockchain automation intent, but it can lead users to install a CLI, run bots, use API keys, and broadcast transactions, so publication should include a clear operational risk warning.
Problemas de riesgo medio (2)
Problemas de riesgo bajo (4)
Factores de riesgo
⚙️ Comandos externos (3)
🌐 Acceso a red (2)
🔑 Variables de entorno (1)
Patrones detectados
Versión de auditoría 5
SeguroJan 16, 2026, 03:22 PM
This skill is a pure markdown prompt file providing guidance for designing blockchain bots using the Silverback SDK. All static findings are false positives. The scanner misidentified standard blockchain terminology (keccak256, sha256, mainnet) as cryptographic weaknesses, CLI documentation as command injection, and documentation URLs as network exfiltration. The skill contains no executable code and advises best practices including using environment variables and circuit breakers for safety.
Factores de riesgo
🌐 Acceso a red (3)
⚙️ Comandos externos (12)
🔑 Variables de entorno (1)
Versión de auditoría 4
SeguroJan 16, 2026, 03:22 PM
This skill is a pure markdown prompt file providing guidance for designing blockchain bots using the Silverback SDK. All static findings are false positives. The scanner misidentified standard blockchain terminology (keccak256, sha256, mainnet) as cryptographic weaknesses, CLI documentation as command injection, and documentation URLs as network exfiltration. The skill contains no executable code and advises best practices including using environment variables and circuit breakers for safety.
Factores de riesgo
🌐 Acceso a red (3)
⚙️ Comandos externos (12)
🔑 Variables de entorno (1)
Versión de auditoría 3
SeguroJan 10, 2026, 10:20 AM
This skill is a pure markdown prompt file providing guidance to AI assistants. It contains no executable code, scripts, or direct system access capabilities. The skill only offers instructions for designing blockchain bots using the Silverback SDK framework.
Versión de auditoría 2
SeguroJan 10, 2026, 10:20 AM
This skill is a pure markdown prompt file providing guidance to AI assistants. It contains no executable code, scripts, or direct system access capabilities. The skill only offers instructions for designing blockchain bots using the Silverback SDK framework.
Versión de auditoría 1
SeguroJan 10, 2026, 10:20 AM
This skill is a pure markdown prompt file providing guidance to AI assistants. It contains no executable code, scripts, or direct system access capabilities. The skill only offers instructions for designing blockchain bots using the Silverback SDK framework.