Habilidades iterative-runner Historial de auditorías
📦

Historial de auditorías

iterative-runner - 6 auditorías

Versión de auditoría 6

Más reciente Riesgo medio

Jun 28, 2026, 12:53 PM

The external command findings are partially true positives because the skill recommends repeated Claude CLI execution, including a persistent shell loop. The weak cryptography and network reconnaissance findings are false positives at the cited lines; no cryptographic algorithm, network scan, or exfiltration behavior is present. Publication is acceptable with a warning about cost, resource use, and controlled iteration limits.

1
Archivos escaneados
81
Líneas analizadas
5
hallazgos
codex
Auditado por
Problemas de riesgo medio (1)
SKILL.md:20SKILL.md:42SKILL.md:45-52
Repeated Claude CLI Execution
The skill instructs users to run Claude repeatedly until a completion condition is reached. This is legitimate for test automation, but it can consume tokens, modify files across iterations, and continue undesired work if limits are not enforced.
Problemas de riesgo bajo (3)
SKILL.md:3
Weak Cryptography Finding Dismissed
The cited description line contains only a natural language summary of the skill. No weak cryptographic algorithm or cryptographic operation is present at this location.
SKILL.md:12
Network Reconnaissance Finding Dismissed
The cited line is a use case for test-driven development loops. It does not contain network scanning commands, host discovery, or network access instructions.
SKILL.md:32-36SKILL.md:64-80
Markdown Backtick Findings Are Mostly Benign
Several static external-command detections correspond to Markdown examples, inline flags, or a prompt template. The only confirmed command risk is the intentional Claude retry loop documented in the medium finding.

Factores de riesgo

⚙️ Comandos externos (3)
SKILL.md:20 SKILL.md:42 SKILL.md:45-52

Patrones detectados

Persistent Shell Loop Around Claude

Versión de auditoría 5

Seguro

Jan 16, 2026, 06:03 PM

This is a pure documentation-only skill containing no executable code. The SKILL.md file is markdown documentation describing a workflow concept with example shell syntax for illustration purposes only. All static findings are false positives caused by the analyzer misinterpreting documentation examples and metadata as executable code. No network calls, filesystem modifications, or actual command execution are present in this skill.

2
Archivos escaneados
260
Líneas analizadas
1
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (7)
SKILL.md:19-21 SKILL.md:21-32 SKILL.md:32-36 SKILL.md:36-40 SKILL.md:40-53 SKILL.md:53-64 SKILL.md:64-80

Versión de auditoría 4

Seguro

Jan 16, 2026, 06:03 PM

This is a pure documentation-only skill containing no executable code. The SKILL.md file is markdown documentation describing a workflow concept with example shell syntax for illustration purposes only. All static findings are false positives caused by the analyzer misinterpreting documentation examples and metadata as executable code. No network calls, filesystem modifications, or actual command execution are present in this skill.

2
Archivos escaneados
260
Líneas analizadas
1
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (7)
SKILL.md:19-21 SKILL.md:21-32 SKILL.md:32-36 SKILL.md:36-40 SKILL.md:40-53 SKILL.md:53-64 SKILL.md:64-80

Versión de auditoría 3

Seguro

Jan 10, 2026, 11:11 AM

Pure prompt-based skill consisting only of markdown documentation. No executable code, no network access, no filesystem modifications, no command execution capabilities. The skill defines prompts and workflows for running iterative tasks with Claude.

1
Archivos escaneados
81
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Versión de auditoría 2

Seguro

Jan 10, 2026, 11:11 AM

Pure prompt-based skill consisting only of markdown documentation. No executable code, no network access, no filesystem modifications, no command execution capabilities. The skill defines prompts and workflows for running iterative tasks with Claude.

1
Archivos escaneados
81
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Versión de auditoría 1

Seguro

Jan 10, 2026, 11:11 AM

Pure prompt-based skill consisting only of markdown documentation. No executable code, no network access, no filesystem modifications, no command execution capabilities. The skill defines prompts and workflows for running iterative tasks with Claude.

1
Archivos escaneados
81
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad
← Volver a la habilidad