Habilidades gget Historial de auditorías
🧬

Historial de auditorías

gget - 4 auditorías

Versión de auditoría 4

Más reciente Seguro

Jan 17, 2026, 07:38 AM

This is legitimate bioinformatics software. All 614 static findings are false positives: markdown code fences were misidentified as Ruby shell execution, hardcoded URLs are public genomic databases (Ensembl, UniProt, NCBI), cryptographic patterns are data integrity checksums, and the critical heuristic is standard bioinformatics behavior (network queries to public APIs + local file operations for results).

9
Archivos escaneados
3,490
Líneas analizadas
2
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

🌐 Acceso a red (2)
references/database_info.md:22 SKILL.md:866-868
📁 Acceso al sistema de archivos (3)
scripts/gene_analysis.py:55-61 scripts/enrichment_pipeline.py:24-25 scripts/batch_sequence_analysis.py:97-98

Versión de auditoría 3

Seguro

Jan 17, 2026, 07:38 AM

This is legitimate bioinformatics software. All 614 static findings are false positives: markdown code fences were misidentified as Ruby shell execution, hardcoded URLs are public genomic databases (Ensembl, UniProt, NCBI), cryptographic patterns are data integrity checksums, and the critical heuristic is standard bioinformatics behavior (network queries to public APIs + local file operations for results).

9
Archivos escaneados
3,490
Líneas analizadas
2
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

🌐 Acceso a red (2)
references/database_info.md:22 SKILL.md:866-868
📁 Acceso al sistema de archivos (3)
scripts/gene_analysis.py:55-61 scripts/enrichment_pipeline.py:24-25 scripts/batch_sequence_analysis.py:97-98

Versión de auditoría 2

Riesgo bajo

Jan 12, 2026, 04:16 PM

This is a legitimate bioinformatics tool. All 592 static findings are FALSE POSITIVES triggered by markdown documentation format. The analyzer misinterpreted markdown code block delimiters (backticks) as Ruby backtick execution, and flagged bioinformatics algorithm names as 'weak cryptographic algorithms'. No subprocess, os.system, or command injection patterns exist in the actual Python code.

7
Archivos escaneados
3,046
Líneas analizadas
2
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (1)
SKILL.md:1-872
🌐 Acceso a red (1)
references/database_info.md:1-310

Versión de auditoría 1

Seguro

Jan 4, 2026, 04:34 PM

The skill provides wrapper scripts for the gget bioinformatics library. No credential theft, data exfiltration, or malicious code execution patterns were found. All network calls go to legitimate genomic databases (Ensembl, UniProt, AlphaFold, etc.). Filesystem access is limited to reading user-provided gene lists and writing results to local directories.

10
Archivos escaneados
3,190
Líneas analizadas
3
hallazgos
claude
Auditado por
No se encontraron problemas de seguridad

Factores de riesgo

⚡ Contiene scripts (3)
scripts/gene_analysis.py:1-162 scripts/enrichment_pipeline.py:1-236 scripts/batch_sequence_analysis.py:1-192
🌐 Acceso a red (3)
scripts/gene_analysis.py:29-116 scripts/enrichment_pipeline.py:68-74 scripts/batch_sequence_analysis.py:73-88
📁 Acceso al sistema de archivos (3)
scripts/gene_analysis.py:42-61 scripts/enrichment_pipeline.py:14-27 scripts/batch_sequence_analysis.py:13-33
← Volver a Skill