Habilidades tests-maintenance Historial de auditorías
🧪

Historial de auditorías

tests-maintenance - 4 auditorías

Versión de auditoría 4

Más reciente Seguro

Jan 17, 2026, 06:41 AM

This is a legitimate test maintenance skill from JetBrains for the IdeaVim project. All 74 static findings are false positives: SHA-256 hash identifiers in metadata were misidentified as cryptographic algorithms, markdown code blocks and documentation tables were misidentified as shell execution, and standard dev commands were misidentified as reconnaissance. The skill only provides guidance for test quality review and does not execute code automatically.

2
Archivos escaneados
447
Líneas analizadas
2
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (1)
SKILL.md:27-36
📁 Acceso al sistema de archivos (1)
SKILL.md:32-35

Versión de auditoría 3

Seguro

Jan 17, 2026, 06:41 AM

This is a legitimate test maintenance skill from JetBrains for the IdeaVim project. All 74 static findings are false positives: SHA-256 hash identifiers in metadata were misidentified as cryptographic algorithms, markdown code blocks and documentation tables were misidentified as shell execution, and standard dev commands were misidentified as reconnaissance. The skill only provides guidance for test quality review and does not execute code automatically.

2
Archivos escaneados
447
Líneas analizadas
2
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (1)
SKILL.md:27-36
📁 Acceso al sistema de archivos (1)
SKILL.md:32-35

Versión de auditoría 2

Riesgo bajo

Jan 5, 2026, 03:46 PM

This is a prompt-based test maintenance skill from JetBrains. It provides guidance for reviewing test quality but does not execute code automatically. The skill references shell commands for test discovery and gradle for test execution, matching its documented purpose of test maintenance.

3
Archivos escaneados
236
Líneas analizadas
3
hallazgos
claude
Auditado por
Problemas de riesgo bajo (1)
SKILL.md:27-186
Shell command references in skill prompt
The skill references shell commands (find, grep, shuf) and gradle commands for test discovery and execution. While these are standard development tools appropriate for a test maintenance skill, shell command execution carries inherent risk if commands are dynamically constructed. In this case, commands are hardcoded patterns in the prompt instructions.

Factores de riesgo

⚙️ Comandos externos (6)
SKILL.md:27-36 SKILL.md:44-47 SKILL.md:50 SKILL.md:59-65 SKILL.md:105-107 SKILL.md:174-186
📁 Acceso al sistema de archivos (4)
SKILL.md:32-35 SKILL.md:46-47 SKILL.md:61-65 SKILL.md:106-107

Versión de auditoría 1

Riesgo bajo

Jan 5, 2026, 03:46 PM

This is a prompt-based test maintenance skill from JetBrains. It provides guidance for reviewing test quality but does not execute code automatically. The skill references shell commands for test discovery and gradle for test execution, matching its documented purpose of test maintenance.

3
Archivos escaneados
236
Líneas analizadas
3
hallazgos
claude
Auditado por
Problemas de riesgo bajo (1)
SKILL.md:27-186
Shell command references in skill prompt
The skill references shell commands (find, grep, shuf) and gradle commands for test discovery and execution. While these are standard development tools appropriate for a test maintenance skill, shell command execution carries inherent risk if commands are dynamically constructed. In this case, commands are hardcoded patterns in the prompt instructions.

Factores de riesgo

⚙️ Comandos externos (6)
SKILL.md:27-36 SKILL.md:44-47 SKILL.md:50 SKILL.md:59-65 SKILL.md:105-107 SKILL.md:174-186
📁 Acceso al sistema de archivos (4)
SKILL.md:32-35 SKILL.md:46-47 SKILL.md:61-65 SKILL.md:106-107
← Volver a Skill