Historial de auditorías - finishing-a-development-branch

Versión de auditoría 5

Más reciente Seguro

Jan 16, 2026, 09:38 PM

This is a legitimate Git branch completion workflow skill. All 74 static findings are false positives: the analyzer incorrectly flagged 'git' commands as cryptographic operations, standard shell command capture for git output as injection risks, and routine output redirections as filesystem access. The skill performs standard git operations (checkout, merge, branch deletion, worktree cleanup) with proper safeguards including test verification, merge conflict detection, and user confirmations before destructive actions.

2

Archivos escaneados

389

Líneas analizadas

3

hallazgos

claude

Auditado por

No se encontraron problemas de seguridad

Factores de riesgo

🌐 Acceso a red (2)

skill-report.json:6 SKILL.md:96

⚙️ Comandos externos (61)

SKILL.md:13 SKILL.md:13 SKILL.md:13 SKILL.md:14 SKILL.md:14 SKILL.md:15 SKILL.md:15 SKILL.md:15 SKILL.md:16 SKILL.md:16 SKILL.md:17 SKILL.md:17 SKILL.md:17 SKILL.md:19 SKILL.md:25-35 SKILL.md:35-37 SKILL.md:37 SKILL.md:37-39 SKILL.md:39-45 SKILL.md:45-54 SKILL.md:54-60 SKILL.md:60-64 SKILL.md:64-67 SKILL.md:67-77 SKILL.md:77-81 SKILL.md:81-87 SKILL.md:87-89 SKILL.md:89-93 SKILL.md:93-94 SKILL.md:94-100 SKILL.md:100-104 SKILL.md:104-116 SKILL.md:116-118 SKILL.md:118-122 SKILL.md:122-129 SKILL.md:129-136 SKILL.md:136-141 SKILL.md:141-144 SKILL.md:144-146 SKILL.md:146-152 SKILL.md:152-160 SKILL.md:160-179 SKILL.md:179 SKILL.md:179-180 SKILL.md:180-181 SKILL.md:181-182 SKILL.md:182-183 SKILL.md:183-184 SKILL.md:184-189 SKILL.md:189-190 SKILL.md:29 SKILL.md:105 SKILL.md:106 SKILL.md:108-115 SKILL.md:154 SKILL.md:154 SKILL.md:156 SKILL.md:157 SKILL.md:25-35 SKILL.md:104-116 SKILL.md:152-160

📁 Acceso al sistema de archivos (3)

SKILL.md:28 SKILL.md:29 SKILL.md:95

Versión de auditoría 4

Seguro

Jan 16, 2026, 09:38 PM

This is a legitimate Git branch completion workflow skill. All 74 static findings are false positives: the analyzer incorrectly flagged 'git' commands as cryptographic operations, standard shell command capture for git output as injection risks, and routine output redirections as filesystem access. The skill performs standard git operations (checkout, merge, branch deletion, worktree cleanup) with proper safeguards including test verification, merge conflict detection, and user confirmations before destructive actions.

2

Archivos escaneados

389

Líneas analizadas

3

hallazgos

claude

Auditado por

No se encontraron problemas de seguridad

Factores de riesgo

🌐 Acceso a red (2)

skill-report.json:6 SKILL.md:96

⚙️ Comandos externos (61)

SKILL.md:13 SKILL.md:13 SKILL.md:13 SKILL.md:14 SKILL.md:14 SKILL.md:15 SKILL.md:15 SKILL.md:15 SKILL.md:16 SKILL.md:16 SKILL.md:17 SKILL.md:17 SKILL.md:17 SKILL.md:19 SKILL.md:25-35 SKILL.md:35-37 SKILL.md:37 SKILL.md:37-39 SKILL.md:39-45 SKILL.md:45-54 SKILL.md:54-60 SKILL.md:60-64 SKILL.md:64-67 SKILL.md:67-77 SKILL.md:77-81 SKILL.md:81-87 SKILL.md:87-89 SKILL.md:89-93 SKILL.md:93-94 SKILL.md:94-100 SKILL.md:100-104 SKILL.md:104-116 SKILL.md:116-118 SKILL.md:118-122 SKILL.md:122-129 SKILL.md:129-136 SKILL.md:136-141 SKILL.md:141-144 SKILL.md:144-146 SKILL.md:146-152 SKILL.md:152-160 SKILL.md:160-179 SKILL.md:179 SKILL.md:179-180 SKILL.md:180-181 SKILL.md:181-182 SKILL.md:182-183 SKILL.md:183-184 SKILL.md:184-189 SKILL.md:189-190 SKILL.md:29 SKILL.md:105 SKILL.md:106 SKILL.md:108-115 SKILL.md:154 SKILL.md:154 SKILL.md:156 SKILL.md:157 SKILL.md:25-35 SKILL.md:104-116 SKILL.md:152-160

📁 Acceso al sistema de archivos (3)

SKILL.md:28 SKILL.md:29 SKILL.md:95

Versión de auditoría 3

Seguro

Jan 10, 2026, 12:34 PM

Pure prompt-based skill containing only markdown documentation for git branch completion workflow. No executable code, no network calls, no file access beyond local git repository operations guided by user intent.

1

Archivos escaneados

213

Líneas analizadas

0

hallazgos

claude

Auditado por

No se encontraron problemas de seguridad

Versión de auditoría 2

Seguro

Jan 10, 2026, 12:34 PM

Pure prompt-based skill containing only markdown documentation for git branch completion workflow. No executable code, no network calls, no file access beyond local git repository operations guided by user intent.

1

Archivos escaneados

213

Líneas analizadas

0

hallazgos

claude

Auditado por

No se encontraron problemas de seguridad

Versión de auditoría 1

Seguro

Jan 10, 2026, 12:34 PM

Pure prompt-based skill containing only markdown documentation for git branch completion workflow. No executable code, no network calls, no file access beyond local git repository operations guided by user intent.

1

Archivos escaneados

213

Líneas analizadas

0

hallazgos

claude

Auditado por

No se encontraron problemas de seguridad