Habilidades descriptive-action Historial de auditorías
📦

Historial de auditorías

descriptive-action - 6 auditorías

Versión de auditoría 6

Más reciente Seguro

Jun 28, 2026, 02:42 PM

Static analysis reported weak cryptographic algorithm and system reconnaissance patterns, but review found only ordinary documentation text in SKILL.md. No executable code, cryptography, command execution, network access, filesystem access, prompt injection, or data exfiltration behavior was found. The static findings are false positives and the skill is safe to publish.

1
Archivos escaneados
48
Líneas analizadas
2
hallazgos
codex
Auditado por
Problemas de riesgo bajo (2)
SKILL.md:2SKILL.md:3SKILL.md:7SKILL.md:10SKILL.md:14SKILL.md:31SKILL.md:35
False Positive Weak Cryptography Pattern Matches
Static analysis flagged weak cryptographic algorithm patterns at several SKILL.md lines. The reviewed lines contain the skill name, description, headings, and descriptive workflow text only. No hash function, encryption API, credential handling, or security-sensitive algorithm appears in the skill.
SKILL.md:27
False Positive System Reconnaissance Pattern Match
Static analysis flagged system reconnaissance at SKILL.md line 27. The line only instructs the model to avoid normative language. No command, host inspection, environment probing, or system inventory behavior is present.

Versión de auditoría 5

Seguro

Jan 16, 2026, 06:06 PM

All 34 static findings are FALSE POSITIVES. This is a pure prompt-based documentation skill containing only behavioral guidelines. The static scanner incorrectly flagged metadata hash strings (content_hash, tree_hash), source repository URLs, and English words like 'hash', 'system', and 'compare' as security threats. No executable code, network calls, filesystem operations, or external commands exist.

2
Archivos escaneados
224
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Versión de auditoría 4

Seguro

Jan 16, 2026, 06:06 PM

All 34 static findings are FALSE POSITIVES. This is a pure prompt-based documentation skill containing only behavioral guidelines. The static scanner incorrectly flagged metadata hash strings (content_hash, tree_hash), source repository URLs, and English words like 'hash', 'system', and 'compare' as security threats. No executable code, network calls, filesystem operations, or external commands exist.

2
Archivos escaneados
224
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Versión de auditoría 3

Seguro

Jan 10, 2026, 11:09 AM

Pure prompt-based skill containing only documentation and behavioral guidelines. No executable code, network calls, filesystem access, or external command execution. Risk level: safe.

1
Archivos escaneados
48
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Versión de auditoría 2

Seguro

Jan 10, 2026, 11:09 AM

Pure prompt-based skill containing only documentation and behavioral guidelines. No executable code, network calls, filesystem access, or external command execution. Risk level: safe.

1
Archivos escaneados
48
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Versión de auditoría 1

Seguro

Jan 10, 2026, 11:09 AM

Pure prompt-based skill containing only documentation and behavioral guidelines. No executable code, network calls, filesystem access, or external command execution. Risk level: safe.

1
Archivos escaneados
48
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad
← Volver a la habilidad