Habilidades project-scaffolder Historial de auditorías
📦

Historial de auditorías

project-scaffolder - 6 auditorías

Versión de auditoría 6

Más reciente Riesgo bajo

Jan 21, 2026, 04:45 PM

All static findings are false positives. The skill is a documentation-only project scaffolding tool. Scanner misinterpreted Go import statements as dynamic imports, Cobra CLI framework references as cmd.exe execution, and legitimate configuration URLs and environment variable patterns as security risks. No actual malicious code execution, credential exfiltration, or command injection patterns present.

2
Archivos escaneados
2,301
Líneas analizadas
5
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

⚡ Contiene scripts (4)
skill-report.json:687 skill-report.json:688 SKILL.md:613-615 SKILL.md:626-632
⚙️ Comandos externos (79)
skill-report.json:1096 skill-report.json:1097 SKILL.md:54-60 SKILL.md:60-66 SKILL.md:66-78 SKILL.md:78-81 SKILL.md:81-110 SKILL.md:110-113 SKILL.md:113-136 SKILL.md:136-139 SKILL.md:139-148 SKILL.md:148-151 SKILL.md:151-173 SKILL.md:173-176 SKILL.md:176-191 SKILL.md:191-195 SKILL.md:195-204 SKILL.md:204-207 SKILL.md:207-237 SKILL.md:237-240 SKILL.md:240-269 SKILL.md:269-272 SKILL.md:272-281 SKILL.md:281-283 SKILL.md:283-286 SKILL.md:286-320 SKILL.md:320-323 SKILL.md:323-333 SKILL.md:333-336 SKILL.md:336-363 SKILL.md:363-366 SKILL.md:366-379 SKILL.md:379-383 SKILL.md:383-395 SKILL.md:395-398 SKILL.md:398-437 SKILL.md:437-440 SKILL.md:440-471 SKILL.md:471-474 SKILL.md:474-499 SKILL.md:499-502 SKILL.md:502-524 SKILL.md:524-527 SKILL.md:527-548 SKILL.md:548-551 SKILL.md:551-557 SKILL.md:557-560 SKILL.md:560-570 SKILL.md:570-574 SKILL.md:574-582 SKILL.md:582-585 SKILL.md:585-607 SKILL.md:607-610 SKILL.md:610-620 SKILL.md:620-623 SKILL.md:623-642 SKILL.md:642-677 SKILL.md:677-680 SKILL.md:680-709 SKILL.md:709-713 SKILL.md:713-717 SKILL.md:717-720 SKILL.md:720-734 SKILL.md:734-737 SKILL.md:737-758 SKILL.md:758-761 SKILL.md:761-778 SKILL.md:778-783 SKILL.md:783-816 SKILL.md:816-819 SKILL.md:819-834 SKILL.md:834-837 SKILL.md:837-874 SKILL.md:874-904 SKILL.md:904-938 SKILL.md:684 SKILL.md:680-709 SKILL.md:618 SKILL.md:646
🌐 Acceso a red (5)
skill-report.json:6 SKILL.md:484 SKILL.md:739 SKILL.md:823 SKILL.md:470
🔑 Variables de entorno (14)
skill-report.json:1156 skill-report.json:1157 SKILL.md:278 SKILL.md:278 SKILL.md:199 SKILL.md:274 SKILL.md:274 SKILL.md:276 SKILL.md:392 SKILL.md:556 SKILL.md:487 SKILL.md:826 SKILL.md:490 SKILL.md:833
📁 Acceso al sistema de archivos (1)
SKILL.md:655

Versión de auditoría 5

Riesgo medio

Jan 16, 2026, 11:06 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

2
Archivos escaneados
1,142
Líneas analizadas
5
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

🌐 Acceso a red (5)
skill-report.json:6 SKILL.md:484 SKILL.md:739 SKILL.md:823 SKILL.md:470
⚡ Contiene scripts (2)
SKILL.md:613-615 SKILL.md:626-632
⚙️ Comandos externos (77)
SKILL.md:54-60 SKILL.md:60-66 SKILL.md:66-78 SKILL.md:78-81 SKILL.md:81-110 SKILL.md:110-113 SKILL.md:113-136 SKILL.md:136-139 SKILL.md:139-148 SKILL.md:148-151 SKILL.md:151-173 SKILL.md:173-176 SKILL.md:176-191 SKILL.md:191-195 SKILL.md:195-204 SKILL.md:204-207 SKILL.md:207-237 SKILL.md:237-240 SKILL.md:240-269 SKILL.md:269-272 SKILL.md:272-281 SKILL.md:281-283 SKILL.md:283-286 SKILL.md:286-320 SKILL.md:320-323 SKILL.md:323-333 SKILL.md:333-336 SKILL.md:336-363 SKILL.md:363-366 SKILL.md:366-379 SKILL.md:379-383 SKILL.md:383-395 SKILL.md:395-398 SKILL.md:398-437 SKILL.md:437-440 SKILL.md:440-471 SKILL.md:471-474 SKILL.md:474-499 SKILL.md:499-502 SKILL.md:502-524 SKILL.md:524-527 SKILL.md:527-548 SKILL.md:548-551 SKILL.md:551-557 SKILL.md:557-560 SKILL.md:560-570 SKILL.md:570-574 SKILL.md:574-582 SKILL.md:582-585 SKILL.md:585-607 SKILL.md:607-610 SKILL.md:610-620 SKILL.md:620-623 SKILL.md:623-642 SKILL.md:642-677 SKILL.md:677-680 SKILL.md:680-709 SKILL.md:709-713 SKILL.md:713-717 SKILL.md:717-720 SKILL.md:720-734 SKILL.md:734-737 SKILL.md:737-758 SKILL.md:758-761 SKILL.md:761-778 SKILL.md:778-783 SKILL.md:783-816 SKILL.md:816-819 SKILL.md:819-834 SKILL.md:834-837 SKILL.md:837-874 SKILL.md:874-904 SKILL.md:904-938 SKILL.md:684 SKILL.md:680-709 SKILL.md:618 SKILL.md:646
📁 Acceso al sistema de archivos (1)
SKILL.md:655
🔑 Variables de entorno (12)
SKILL.md:278 SKILL.md:278 SKILL.md:199 SKILL.md:274 SKILL.md:274 SKILL.md:276 SKILL.md:392 SKILL.md:556 SKILL.md:487 SKILL.md:826 SKILL.md:490 SKILL.md:833

Patrones detectados

Hardcoded URLC2 keywordsWeak cryptographic algorithmDynamic import() expressionRuby/shell backtick executionShell command substitutionTemplate literal with command substitutionWindows cmd.exeHardcoded IP addressHidden file accessEnvironment variable access (dot notation)Environment variable objectdotenv libraryDatabase connection stringsGeneric API/secret keysEnvironment file accessEnvironment variant filesSQLite database file[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

Versión de auditoría 4

Riesgo medio

Jan 16, 2026, 11:06 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

2
Archivos escaneados
1,142
Líneas analizadas
5
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

🌐 Acceso a red (5)
skill-report.json:6 SKILL.md:484 SKILL.md:739 SKILL.md:823 SKILL.md:470
⚡ Contiene scripts (2)
SKILL.md:613-615 SKILL.md:626-632
⚙️ Comandos externos (77)
SKILL.md:54-60 SKILL.md:60-66 SKILL.md:66-78 SKILL.md:78-81 SKILL.md:81-110 SKILL.md:110-113 SKILL.md:113-136 SKILL.md:136-139 SKILL.md:139-148 SKILL.md:148-151 SKILL.md:151-173 SKILL.md:173-176 SKILL.md:176-191 SKILL.md:191-195 SKILL.md:195-204 SKILL.md:204-207 SKILL.md:207-237 SKILL.md:237-240 SKILL.md:240-269 SKILL.md:269-272 SKILL.md:272-281 SKILL.md:281-283 SKILL.md:283-286 SKILL.md:286-320 SKILL.md:320-323 SKILL.md:323-333 SKILL.md:333-336 SKILL.md:336-363 SKILL.md:363-366 SKILL.md:366-379 SKILL.md:379-383 SKILL.md:383-395 SKILL.md:395-398 SKILL.md:398-437 SKILL.md:437-440 SKILL.md:440-471 SKILL.md:471-474 SKILL.md:474-499 SKILL.md:499-502 SKILL.md:502-524 SKILL.md:524-527 SKILL.md:527-548 SKILL.md:548-551 SKILL.md:551-557 SKILL.md:557-560 SKILL.md:560-570 SKILL.md:570-574 SKILL.md:574-582 SKILL.md:582-585 SKILL.md:585-607 SKILL.md:607-610 SKILL.md:610-620 SKILL.md:620-623 SKILL.md:623-642 SKILL.md:642-677 SKILL.md:677-680 SKILL.md:680-709 SKILL.md:709-713 SKILL.md:713-717 SKILL.md:717-720 SKILL.md:720-734 SKILL.md:734-737 SKILL.md:737-758 SKILL.md:758-761 SKILL.md:761-778 SKILL.md:778-783 SKILL.md:783-816 SKILL.md:816-819 SKILL.md:819-834 SKILL.md:834-837 SKILL.md:837-874 SKILL.md:874-904 SKILL.md:904-938 SKILL.md:684 SKILL.md:680-709 SKILL.md:618 SKILL.md:646
📁 Acceso al sistema de archivos (1)
SKILL.md:655
🔑 Variables de entorno (12)
SKILL.md:278 SKILL.md:278 SKILL.md:199 SKILL.md:274 SKILL.md:274 SKILL.md:276 SKILL.md:392 SKILL.md:556 SKILL.md:487 SKILL.md:826 SKILL.md:490 SKILL.md:833

Patrones detectados

Hardcoded URLC2 keywordsWeak cryptographic algorithmDynamic import() expressionRuby/shell backtick executionShell command substitutionTemplate literal with command substitutionWindows cmd.exeHardcoded IP addressHidden file accessEnvironment variable access (dot notation)Environment variable objectdotenv libraryDatabase connection stringsGeneric API/secret keysEnvironment file accessEnvironment variant filesSQLite database file[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

Versión de auditoría 3

Seguro

Jan 10, 2026, 12:47 PM

Pure prompt-based skill containing only templates and guidance documentation. No executable code, no file system access, no network operations, and no command execution capabilities. This skill provides project scaffolding instructions that the AI generates for users to apply manually.

1
Archivos escaneados
950
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Versión de auditoría 2

Seguro

Jan 10, 2026, 12:47 PM

Pure prompt-based skill containing only templates and guidance documentation. No executable code, no file system access, no network operations, and no command execution capabilities. This skill provides project scaffolding instructions that the AI generates for users to apply manually.

1
Archivos escaneados
950
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Versión de auditoría 1

Seguro

Jan 10, 2026, 12:47 PM

Pure prompt-based skill containing only templates and guidance documentation. No executable code, no file system access, no network operations, and no command execution capabilities. This skill provides project scaffolding instructions that the AI generates for users to apply manually.

1
Archivos escaneados
950
Líneas analizadas
0
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad
← Volver a Skill