Historial de auditorías - research-merge

Versión de auditoría 4

Más reciente Riesgo bajo

Jan 17, 2026, 06:45 AM

This is a legitimate research management skill that handles git operations for research branches. The static scanner produced numerous false positives due to pattern matching heuristics that do not apply to this context. All git commands are hardcoded strings for legitimate repository operations. File system access is limited to reading markdown research documents and writing merged output. No credentials are accessed or exfiltrated. The skill is safe for publication.

5

Archivos escaneados

1,188

Líneas analizadas

2

hallazgos

claude

Auditado por

No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (2)

SKILL.md:122-150 SKILL.md:175-180

📁 Acceso al sistema de archivos (2)

scripts/detect_conflicts.py:81-83 scripts/detect_conflicts.py:124-127

Versión de auditoría 3

Riesgo bajo

Jan 17, 2026, 06:45 AM

This is a legitimate research management skill that handles git operations for research branches. The static scanner produced numerous false positives due to pattern matching heuristics that do not apply to this context. All git commands are hardcoded strings for legitimate repository operations. File system access is limited to reading markdown research documents and writing merged output. No credentials are accessed or exfiltrated. The skill is safe for publication.

5

Archivos escaneados

1,188

Líneas analizadas

2

hallazgos

claude

Auditado por

No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (2)

SKILL.md:122-150 SKILL.md:175-180

📁 Acceso al sistema de archivos (2)

scripts/detect_conflicts.py:81-83 scripts/detect_conflicts.py:124-127

Versión de auditoría 2

Riesgo bajo

Jan 5, 2026, 02:20 AM

This is a legitimate research management skill that handles git operations for research branches. It reads markdown files, performs text analysis for duplicate detection, and executes standard git commands. No malicious behavior detected.

4

Archivos escaneados

800

Líneas analizadas

3

hallazgos

claude

Auditado por

Problemas de riesgo bajo (1)

SKILL.md:128-150

Git command execution in documentation

The SKILL.md documentation contains example git commands (git merge --squash, git push origin --delete) that would be executed by the Claude agent. These are legitimate git operations for merging research branches, but represent code execution capabilities.

Factores de riesgo

📁 Acceso al sistema de archivos (4)

scripts/detect_conflicts.py:81-83 scripts/detect_conflicts.py:124-127 scripts/merge_findings.py:129-132 scripts/merge_findings.py:274-275

⚙️ Comandos externos (2)

SKILL.md:122-150 SKILL.md:175-180

Versión de auditoría 1

Riesgo bajo

Jan 5, 2026, 02:20 AM

This is a legitimate research management skill that handles git operations for research branches. It reads markdown files, performs text analysis for duplicate detection, and executes standard git commands. No malicious behavior detected.

4

Archivos escaneados

800

Líneas analizadas

3

hallazgos

claude

Auditado por

Problemas de riesgo bajo (1)

SKILL.md:128-150

Git command execution in documentation

The SKILL.md documentation contains example git commands (git merge --squash, git push origin --delete) that would be executed by the Claude agent. These are legitimate git operations for merging research branches, but represent code execution capabilities.

Factores de riesgo

📁 Acceso al sistema de archivos (4)

scripts/detect_conflicts.py:81-83 scripts/detect_conflicts.py:124-127 scripts/merge_findings.py:129-132 scripts/merge_findings.py:274-275

⚙️ Comandos externos (2)

SKILL.md:122-150 SKILL.md:175-180