Historial de auditorías
configuring-dapr-pubsub - 5 auditorías
Versión de auditoría 5
Más reciente SeguroJan 16, 2026, 05:47 PM
All 65 static findings are FALSE POSITIVES. The skill is pure documentation with YAML/JSON/Python code examples for Dapr pub/sub configuration. The verify.py script only reads SKILL.md to validate documentation structure - no network calls, no external command execution, no credential access. Static analyzer misidentified documentation keywords and code examples as security threats.
Factores de riesgo
⚡ Contiene scripts (1)
📁 Acceso al sistema de archivos (1)
Versión de auditoría 4
SeguroJan 16, 2026, 05:47 PM
All 65 static findings are FALSE POSITIVES. The skill is pure documentation with YAML/JSON/Python code examples for Dapr pub/sub configuration. The verify.py script only reads SKILL.md to validate documentation structure - no network calls, no external command execution, no credential access. Static analyzer misidentified documentation keywords and code examples as security threats.
Factores de riesgo
⚡ Contiene scripts (1)
📁 Acceso al sistema de archivos (1)
Versión de auditoría 3
Riesgo bajoJan 10, 2026, 10:28 AM
This skill contains documentation and a verification script. The script only reads local files within the skill directory to validate documentation structure. No network calls, external commands, credential access, or data exfiltration capabilities detected.
Factores de riesgo
⚡ Contiene scripts (1)
📁 Acceso al sistema de archivos (1)
Versión de auditoría 2
Riesgo bajoJan 10, 2026, 10:28 AM
This skill contains documentation and a verification script. The script only reads local files within the skill directory to validate documentation structure. No network calls, external commands, credential access, or data exfiltration capabilities detected.
Factores de riesgo
⚡ Contiene scripts (1)
📁 Acceso al sistema de archivos (1)
Versión de auditoría 1
Riesgo bajoJan 10, 2026, 10:28 AM
This skill contains documentation and a verification script. The script only reads local files within the skill directory to validate documentation structure. No network calls, external commands, credential access, or data exfiltration capabilities detected.