Historial de auditorías
pitchcraft - 2 auditorías
Versión de auditoría 2
Más reciente Riesgo medioJun 30, 2026, 08:24 AM
Static analysis reported many high and critical patterns, but review found most are false positives from markdown examples, documentation URLs, license text, and Chinese-language files. The confirmed risk is the npm postinstall installer, which writes skill files into AI agent configuration directories and uses environment-controlled install scope. No malicious intent, data exfiltration, or prompt injection attempt was found.
Confirmed security concerns (3)
Capability review items (3)
These are real local capabilities that may be expected for this skill, so they require review but are not counted as confirmed malicious behavior.
Factores de riesgo
⚡ Contiene scripts (2)
📁 Acceso al sistema de archivos (4)
🔑 Variables de entorno (3)
⚙️ Comandos externos (5)
🌐 Acceso a red (4)
Patrones detectados
Versión de auditoría 1
Riesgo bajoJun 2, 2026, 11:35 PM
PitchCraft is a writing/framework skill. Its only executable artifact is scripts/install.js, a transparent postinstall file copier that uses fs.mkdirSync and fs.copyFileSync to place SKILL.md into the standard agent skill directories under the user's home or project root. No network calls, no credential reads, no obfuscation, no eval. The static analyzer's 255 findings are dominated by false positives: markdown backticks flagged as Ruby/shell execution, Apache-2.0 license text flagged as 'weak cryptographic algorithm' (e.g. 'WITHOUT WARRANTIES'), the project's own GitHub URLs flagged as 'hardcoded URLs', Chinese UTF-8 text flagged as high-entropy binary content, and standard ~ paths flagged as 'hidden file access'. The install script is a legitimate npm postinstall pattern. No confirmed malicious behavior.
Confirmed security concerns (3)
Capability review items (5)
These are real local capabilities that may be expected for this skill, so they require review but are not counted as confirmed malicious behavior.