Habilidades foundations-problem-solution-fit Historial de auditorías
📦

Historial de auditorías

foundations-problem-solution-fit - 6 auditorías

Versión de auditoría 6

Más reciente Seguro

Jun 28, 2026, 02:48 PM

The static analyzer reported command execution, weak cryptography, and reconnaissance patterns, but review found these are false positives in Markdown templates and product strategy text. The skill contains guidance, JSON examples, and output formats only; no executable scripts, network calls, credential access, or prompt injection language were found.

1
Archivos escaneados
585
Líneas analizadas
3
hallazgos
codex
Auditado por
Problemas de riesgo bajo (3)
SKILL.md:59-81SKILL.md:118-145SKILL.md:183-219SKILL.md:262-303SKILL.md:342-388SKILL.md:402-416SKILL.md:420-453
False Positive: Markdown Code Fences Flagged as Shell Execution
The reported Ruby or shell backtick execution locations are Markdown code fences around output templates and JSON examples. They do not instruct the assistant to execute commands and do not contain shell code.
SKILL.md:3SKILL.md:126SKILL.md:201SKILL.md:335SKILL.md:463-474SKILL.md:509
False Positive: Business Terms Flagged as Weak Cryptography
The weak cryptography matches occur in ordinary words and product planning phrases, such as description fields, critical assumptions, and platform strategy. No cryptographic algorithm, hashing function, encryption library, or security implementation appears in the skill.
SKILL.md:47SKILL.md:234SKILL.md:320SKILL.md:511
False Positive: Interview Prompts Flagged as Reconnaissance
The reconnaissance matches are customer discovery and product strategy prompts. They ask about user workflows, unmet needs, and product pitfalls, not host information, environment variables, network topology, or local system details.

Versión de auditoría 5

Seguro

Jan 16, 2026, 06:15 PM

Pure documentation skill containing only structured guidance and frameworks. Contains no executable code, no filesystem access, no network calls, and no external command execution. All static findings are false positives triggered by semantic misinterpretation of documentation text.

2
Archivos escaneados
763
Líneas analizadas
1
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (18)
SKILL.md:59-81 SKILL.md:81-118 SKILL.md:118-145 SKILL.md:145-183 SKILL.md:183-219 SKILL.md:219-262 SKILL.md:262-303 SKILL.md:303-342 SKILL.md:342-388 SKILL.md:388-393 SKILL.md:393-394 SKILL.md:394-397 SKILL.md:397-398 SKILL.md:398-399 SKILL.md:399-402 SKILL.md:402-416 SKILL.md:416-420 SKILL.md:420-453

Versión de auditoría 4

Seguro

Jan 16, 2026, 06:15 PM

Pure documentation skill containing only structured guidance and frameworks. Contains no executable code, no filesystem access, no network calls, and no external command execution. All static findings are false positives triggered by semantic misinterpretation of documentation text.

2
Archivos escaneados
763
Líneas analizadas
1
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (18)
SKILL.md:59-81 SKILL.md:81-118 SKILL.md:118-145 SKILL.md:145-183 SKILL.md:183-219 SKILL.md:219-262 SKILL.md:262-303 SKILL.md:303-342 SKILL.md:342-388 SKILL.md:388-393 SKILL.md:393-394 SKILL.md:394-397 SKILL.md:397-398 SKILL.md:398-399 SKILL.md:399-402 SKILL.md:402-416 SKILL.md:416-420 SKILL.md:420-453

Versión de auditoría 3

Seguro

Jan 10, 2026, 11:13 AM

Pure prompt-based documentation skill with no executable code, no filesystem access, no network calls, and no external command execution. Contains only structured guidance and templates for problem-solution fit methodology.

1
Archivos escaneados
585
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Versión de auditoría 2

Seguro

Jan 10, 2026, 11:13 AM

Pure prompt-based documentation skill with no executable code, no filesystem access, no network calls, and no external command execution. Contains only structured guidance and templates for problem-solution fit methodology.

1
Archivos escaneados
585
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Versión de auditoría 1

Seguro

Jan 10, 2026, 11:13 AM

Pure prompt-based documentation skill with no executable code, no filesystem access, no network calls, and no external command execution. Contains only structured guidance and templates for problem-solution fit methodology.

1
Archivos escaneados
585
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad
← Volver a la habilidad