Historial de auditorías
context-save - 6 auditorías
Versión de auditoría 6
Más reciente Riesgo medioJun 28, 2026, 10:02 PM
Static command-execution, weak-crypto, reconnaissance, and entropy findings are false positives caused by Markdown backticks, readable Chinese prose, and example text. The confirmed risk is that the skill directs agents to persist session summaries into repository files, which can accidentally retain secrets or proprietary context.
Problemas de riesgo medio (1)
Problemas de riesgo bajo (4)
Factores de riesgo
📁 Acceso al sistema de archivos (3)
Versión de auditoría 5
SeguroJan 16, 2026, 08:31 PM
This is a prompt-based skill with no executable code. SKILL.md contains only natural language instructions for generating markdown session summaries. No file system access, network calls, or command execution capabilities exist in the skill itself. The static analyzer produced false positives by misinterpreting Chinese text and markdown formatting as security vulnerabilities. All findings are dismissed as false positives.
Factores de riesgo
Versión de auditoría 4
SeguroJan 16, 2026, 08:31 PM
This is a prompt-based skill with no executable code. SKILL.md contains only natural language instructions for generating markdown session summaries. No file system access, network calls, or command execution capabilities exist in the skill itself. The static analyzer produced false positives by misinterpreting Chinese text and markdown formatting as security vulnerabilities. All findings are dismissed as false positives.
Factores de riesgo
Versión de auditoría 3
SeguroJan 10, 2026, 12:13 PM
This is a prompt-based skill with no executable code. It provides instructions for generating markdown session summaries. No file system access, network calls, or command execution capabilities detected. The behavior matches the stated purpose exactly.
Versión de auditoría 2
SeguroJan 10, 2026, 12:13 PM
This is a prompt-based skill with no executable code. It provides instructions for generating markdown session summaries. No file system access, network calls, or command execution capabilities detected. The behavior matches the stated purpose exactly.
Versión de auditoría 1
SeguroJan 10, 2026, 12:13 PM
This is a prompt-based skill with no executable code. It provides instructions for generating markdown session summaries. No file system access, network calls, or command execution capabilities detected. The behavior matches the stated purpose exactly.