
Audit history

commit-chat-push - 2 audits

Audit version 2

Most recent: Medium risk

Jun 28, 2026, 02:46 PM

Static analysis found many command, filesystem, and sensitive-data patterns. Most high-volume hits are Markdown transcript records, but the skill intentionally reads Codex session files and can commit a transcript to a remote repository. No prompt injection or confirmed malicious intent was found, but publication should carry a privacy warning.

Files scanned: 5
Lines analyzed: 3,579
Findings: 9
Audited by: codex

Medium-risk issues (2)
Codex Session Transcript May Be Published
TRUE POSITIVE. The workflow exports local Codex sessions, stages the transcript, and pushes it with code. The skill warns that sessions may contain system instructions, full outputs, and secrets, but accidental disclosure remains possible.
Redaction Can Be Weakened By Export Options
TRUE POSITIVE WITH LEGITIMATE USE. The exporter defaults to safer settings, but options allow full command output and disabled redaction. These options can expose terminal output, local paths, or secrets if used without review.
Low-risk issues (2)
Hidden Codex Session Directory Access
TRUE POSITIVE BUT EXPECTED. The exporter reads the configured Codex sessions directory under CODEX_HOME or the home directory. This is necessary for the skill, but users should understand that private local session data is processed.
Static Command Hits In Historical Transcript
FALSE POSITIVE FOR EXECUTION RISK. Many severe static hits occur inside a committed Markdown transcript that records past tool calls. The transcript contains command text, but it is not executable code by itself.

Patterns detected

Transcript Exfiltration Path
Optional Full Tool Output Capture

Audit version 1

Medium risk

May 3, 2026, 08:18 AM

This skill is a legitimate git workflow tool for committing code with Codex session provenance. Static findings are largely false positives: SHA256 is used for hashing file digests (not weak crypto for security), backtick patterns are documentation artifacts, and the CRITICAL blockers on ransomware/recursive delete refer to git rm commands used appropriately for git operations. The skill includes a built-in redaction system and explicit workflow steps to prevent secret leakage.

Files scanned: 6
Lines analyzed: 3,589
Findings: 7
Audited by: claude

High-risk issues (1)

Command Execution in Documentation
Documentation files contain examples of shell command patterns including backticks, command substitution, and Unix shell invocations. These are documented examples, not executable code in the skill itself.
Medium-risk issues (2)
Redaction System Detected
The skill includes a redaction system to remove secrets from exported transcripts. The system uses regex patterns to detect and redact API keys, tokens, and sensitive credentials.
Home Directory Path Handling
The skill accesses ~/.codex/sessions for transcript files and shortens home paths to ~ in output for privacy. This is expected behavior for a Codex session export tool.
Low-risk issues (2)
Cryptographic Hash Usage
SHA256 is used for file digest computation to track transcript source files. This is appropriate cryptographic usage for integrity verification.
File System Access for Transcript Export
The skill creates and writes transcript files to the repository. This is the intended purpose of the skill.

Patterns detected

Static Analysis False Positives in Documentation