Audit history
ppt-editing-skill - 2 audits
Audit version 2
Most recent | Medium risk | May 27, 2026, 08:52 PM
AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.
Files scanned: 1
Lines analyzed: 194
Findings: 2
Audited by: claude
No security issues found
Risk factors
⚙️ External commands (55)
📁 Filesystem access (6)
Detected patterns
Ruby/shell backtick execution, Path traversal sequence, Temp directory access, Python archive libraries, Weak cryptographic algorithm
Audit version 1
Low risk | Apr 16, 2026, 07:23 AM
Static analyzer flagged 75 patterns, but all are false positives. The 55 external_commands flags misidentified markdown code fence delimiters as Ruby backtick execution. The 4 path traversal flags misread XML formatting examples. The 14 weak crypto flags misidentified XML hex entity references. Real risks are limited to expected external command usage (cp, python, markitdown) and filesystem access for PPTX unpacking and repacking, both legitimate for this skill's purpose.
Files scanned: 1
Lines analyzed: 194
Findings: 4
Audited by: claude
Low-risk issues (2)
External Command Execution
Skill instructs agents to run shell commands (cp, python -m markitdown) and reference Python scripts (unpack.py, add_slide.py, clean.py, pack.py) for PPTX manipulation. Commands are hardcoded with no user input injection vectors.
Filesystem Read and Write Access
Skill reads user-provided PPTX files and writes to the working directory and /tmp/ for intermediate processing. File paths are user-provided but operations are limited to copy, extract, and repack PPTX archives.