Habilidades 1password-credential-lookup Historial de auditorías
🔐

Historial de auditorías

1password-credential-lookup - 5 auditorías

Versión de auditoría 5

Más reciente Riesgo bajo

Jan 16, 2026, 09:02 PM

Legitimate credential lookup tool that uses 1Password CLI for secure retrieval. No network calls, no credential exfiltration. Subprocess calls to `op` CLI use hardcoded string arguments. Static findings are false positives triggered by expected credential access patterns.

3
Archivos escaneados
507
Líneas analizadas
3
hallazgos
claude
Auditado por
Problemas de riesgo bajo (1)
scripts/find_credential.py:112-128
Credentials output via stdout
Script outputs credentials as JSON to stdout. This is the designed behavior for credential retrieval. Not a security flaw but expected functionality.

Factores de riesgo

⚙️ Comandos externos (1)
scripts/find_credential.py:30-31
📁 Acceso al sistema de archivos (1)
scripts/find_credential.py:57-87

Versión de auditoría 4

Riesgo bajo

Jan 16, 2026, 09:02 PM

Legitimate credential lookup tool that uses 1Password CLI for secure retrieval. No network calls, no credential exfiltration. Subprocess calls to `op` CLI use hardcoded string arguments. Static findings are false positives triggered by expected credential access patterns.

3
Archivos escaneados
507
Líneas analizadas
3
hallazgos
claude
Auditado por
Problemas de riesgo bajo (1)
scripts/find_credential.py:112-128
Credentials output via stdout
Script outputs credentials as JSON to stdout. This is the designed behavior for credential retrieval. Not a security flaw but expected functionality.

Factores de riesgo

⚙️ Comandos externos (1)
scripts/find_credential.py:30-31
📁 Acceso al sistema de archivos (1)
scripts/find_credential.py:57-87

Versión de auditoría 3

Riesgo bajo

Jan 10, 2026, 12:14 PM

Legitimate credential lookup tool that uses 1Password CLI for secure credential retrieval. No network calls, no credential exfiltration, and behavior matches stated purpose.

2
Archivos escaneados
252
Líneas analizadas
4
hallazgos
claude
Auditado por
Problemas de riesgo bajo (1)
scripts/find_credential.py:112-116scripts/find_credential.py:128
Credentials output via stdout
The script outputs credentials (username/password) as JSON to stdout at lines 112-116 and 128. While this is the intended purpose for credential retrieval, credentials are exposed in process output which could be logged or captured. An attacker with access to the system could potentially read credentials from process listings or logs.

Factores de riesgo

⚡ Contiene scripts (1)
scripts/find_credential.py:1-146
⚙️ Comandos externos (3)
scripts/find_credential.py:30-31 scripts/find_credential.py:58 scripts/find_credential.py:81
📁 Acceso al sistema de archivos (2)
scripts/find_credential.py:57-77 scripts/find_credential.py:80-87

Versión de auditoría 2

Riesgo bajo

Jan 10, 2026, 12:14 PM

Legitimate credential lookup tool that uses 1Password CLI for secure credential retrieval. No network calls, no credential exfiltration, and behavior matches stated purpose.

2
Archivos escaneados
252
Líneas analizadas
4
hallazgos
claude
Auditado por
Problemas de riesgo bajo (1)
scripts/find_credential.py:112-116scripts/find_credential.py:128
Credentials output via stdout
The script outputs credentials (username/password) as JSON to stdout at lines 112-116 and 128. While this is the intended purpose for credential retrieval, credentials are exposed in process output which could be logged or captured. An attacker with access to the system could potentially read credentials from process listings or logs.

Factores de riesgo

⚡ Contiene scripts (1)
scripts/find_credential.py:1-146
⚙️ Comandos externos (3)
scripts/find_credential.py:30-31 scripts/find_credential.py:58 scripts/find_credential.py:81
📁 Acceso al sistema de archivos (2)
scripts/find_credential.py:57-77 scripts/find_credential.py:80-87

Versión de auditoría 1

Riesgo bajo

Jan 10, 2026, 12:14 PM

Legitimate credential lookup tool that uses 1Password CLI for secure credential retrieval. No network calls, no credential exfiltration, and behavior matches stated purpose.

2
Archivos escaneados
252
Líneas analizadas
4
hallazgos
claude
Auditado por
Problemas de riesgo bajo (1)
scripts/find_credential.py:112-116scripts/find_credential.py:128
Credentials output via stdout
The script outputs credentials (username/password) as JSON to stdout at lines 112-116 and 128. While this is the intended purpose for credential retrieval, credentials are exposed in process output which could be logged or captured. An attacker with access to the system could potentially read credentials from process listings or logs.

Factores de riesgo

⚡ Contiene scripts (1)
scripts/find_credential.py:1-146
⚙️ Comandos externos (3)
scripts/find_credential.py:30-31 scripts/find_credential.py:58 scripts/find_credential.py:81
📁 Acceso al sistema de archivos (2)
scripts/find_credential.py:57-77 scripts/find_credential.py:80-87
← Volver a Skill