Historial de auditorías

buddy-sings - 2 auditorías

Versión de auditoría 2

Más reciente Riesgo medio

May 27, 2026, 05:28 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

Archivos escaneados

446

Líneas analizadas

hallazgos

claude

Auditado por

No se encontraron problemas de seguridad

Factores de riesgo

⚙️ Comandos externos (59)

SKILL.md:24-26 SKILL.md:26-29 SKILL.md:29-31 SKILL.md:31-35 SKILL.md:35-36 SKILL.md:36-37 SKILL.md:37-43 SKILL.md:43-45 SKILL.md:45-75 SKILL.md:75 SKILL.md:75-79 SKILL.md:79-81 SKILL.md:81-86 SKILL.md:86-87 SKILL.md:87-91 SKILL.md:91-95 SKILL.md:95-116 SKILL.md:116-119 SKILL.md:119-123 SKILL.md:123-129 SKILL.md:129-131 SKILL.md:131-138 SKILL.md:138-142 SKILL.md:142-145 SKILL.md:145 SKILL.md:145-153 SKILL.md:153-161 SKILL.md:161-191 SKILL.md:191-193 SKILL.md:193-194 SKILL.md:194-198 SKILL.md:198-200 SKILL.md:200-215 SKILL.md:215-222 SKILL.md:222-244 SKILL.md:244-251 SKILL.md:252-273 SKILL.md:273-276 SKILL.md:276-279 SKILL.md:279-299 SKILL.md:299-301 SKILL.md:301-323 SKILL.md:323-324 SKILL.md:324-327 SKILL.md:327-339 SKILL.md:339-356 SKILL.md:356-364 SKILL.md:364-370 SKILL.md:370-373 SKILL.md:373-379 SKILL.md:379-389 SKILL.md:389-399 SKILL.md:399-411 SKILL.md:411-418 SKILL.md:418-426 SKILL.md:426 SKILL.md:426-427 SKILL.md:427-428 SKILL.md:428-444

🌐 Acceso a red (2)

SKILL.md:188 SKILL.md:32

📁 Acceso al sistema de archivos (17)

SKILL.md:75 SKILL.md:129 SKILL.md:145 SKILL.md:192 SKILL.md:194 SKILL.md:426 SKILL.md:75 SKILL.md:129 SKILL.md:145 SKILL.md:192 SKILL.md:194 SKILL.md:426 SKILL.md:192 SKILL.md:199 SKILL.md:390 SKILL.md:392 SKILL.md:394

Patrones detectados

Ruby/shell backtick executionPython HTTP librariesHardcoded URLHidden file in home directoryHidden file accessStandard device file accessWeak cryptographic algorithmSystem reconnaissance

Versión de auditoría 1

Seguro

Apr 16, 2026, 06:07 AM

All 99 static analysis findings are false positives. The scanner misinterpreted markdown code fences (```bash) in SKILL.md as Ruby backtick execution. The file is documentation containing legitimate shell command examples for AI agent use, such as mmx CLI music generation, git log queries, and audio playback commands. No malicious patterns, credential exfiltration, or user input injection vectors were found. The skill is safe for publication.