Habilidades threejs-animation Historial de auditorías
📦

Historial de auditorías

threejs-animation - 2 auditorías

Versión de auditoría 2

Más reciente Seguro

Jun 28, 2026, 11:28 PM

The static analyzer flagged many Markdown code fences as Ruby or shell backtick execution, but the file contains documentation examples for Three.js. The weak cryptography and certificate key alerts are false positives from ordinary words and Object.keys usage, with no prompt injection, credential access, installer script, or data exfiltration evidence found.

1
Archivos escaneados
553
Líneas analizadas
3
hallazgos
codex
Auditado por
Problemas de riesgo bajo (3)
False Positive: Weak Cryptography Pattern Matches Documentation Text
The weak cryptographic algorithm alerts occur in descriptive Three.js animation text, including the front matter description, interpolation mode heading, AnimationMixer description, and loop mode comment. No cryptographic API or hashing behavior is present.
False Positive: Object.keys Flagged as Certificate or Key File Access
The sensitive-file alert points to Object.keys used to list morph target attributes. This is ordinary JavaScript object introspection and does not read certificate files, private keys, or filesystem paths.

Versión de auditoría 1

Seguro

Feb 10, 2026, 09:04 AM

All static findings are false positives. This is a documentation-only skill containing JavaScript code examples. No executable code, shell commands, network requests, filesystem operations, or cryptographic operations exist. The scanner misidentified JavaScript template literals as shell backticks and animation properties as cryptographic algorithms.

1
Archivos escaneados
553
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad