
Audit history

self-improving-agent - 2 audits

Audit version 2

Most recent, high risk

Jun 28, 2026, 09:47 PM

Static analysis produced many alerts, but most blocker-level items are false positives from markdown examples, diagrams, and research links. The confirmed risk is high because this community skill requests broad file-editing and Bash capabilities, teaches self-modification of skills, and documents hooks that can log tool input and command output.

Files scanned: 10
Lines analyzed: 1,037
Findings: 9
Audited by: codex

High-risk issues (2)

Broad Self-Modifying Agent Permissions
The community skill requests Bash, Write, Edit, and WebSearch access while instructing the agent to update skill files, memory files, and related guidance after skill events. This is powerful automation, but it can change repository behavior beyond the immediate user task.
Hook Configuration Can Log Sensitive Tool Data
The hook examples pass tool input and Bash output into local shell commands for logging. Tool input and output can include secrets, paths, or proprietary data, so this pattern needs explicit user approval and log handling controls.
Medium-risk issues (1)
Home Directory Configuration Changes
The documentation instructs users to create a symlink under ~/.claude and edit Claude Code settings. This is a legitimate installation pattern, but it changes global agent behavior for the user account.
Low-risk issues (3)
Shell Command Findings Are Mostly Documentation
Most external command detections are markdown examples, diagrams, or hook configuration snippets. I did not find unquoted command construction or instructions to execute untrusted input through a shell.
Network Findings Are Research Links, Not Exfiltration
The hardcoded URLs point to research references and articles. I did not find evidence that the skill sends local data to those URLs.
Weak Crypto, C2, and Credential Alerts Appear False Positive
The weak cryptography, C2 keyword, Windows SAM, and reconnaissance alerts match prose, diagrams, markdown paths, or article titles. No evidence found of credential theft, cryptographic downgrade, C2 behavior, or system reconnaissance logic.

Detected patterns

Broad Self-Modifying Agent Permissions
Hook Configuration Can Log Sensitive Tool Data

Audit version 1

Safe

Mar 17, 2026, 08:23 AM

This is a legitimate Claude Code skill for self-improvement. The static scanner flagged 121 potential issues, but after semantic evaluation, all are false positives. External command detections are markdown backticks in documentation. Network detections are academic reference URLs. Filesystem detections are standard Claude Code config paths. No actual security risks present.

Files scanned: 10
Lines analyzed: 1,037
Findings: 0
Audited by: claude

No security issues found