Compétences technical-clarity Historique des audits
📦

Historique des audits

technical-clarity - 4 audits

Version de l’audit 4

Dernier Sûr

Jun 27, 2026, 06:26 PM

Static analysis reported shell execution, weak cryptography, and system reconnaissance patterns. Review found these are false positives from Markdown fences, inline code formatting, HTTPS examples, accessibility prose, and readability metrics in SKILL.md. No executable scripts, network calls, credential access, prompt injection attempts, or malicious intent were found.

1
Fichiers analysés
497
Lignes analysées
3
Review items
0
False positives ignored

Confirmed security concerns (3)

Faible
False Positive: Markdown Backticks Flagged as Shell Execution
The external command findings are Markdown code fences and inline code examples used to teach documentation clarity. They do not execute commands, invoke a shell, or define runnable skill code.
The flagged text appears inside Markdown examples or inline formatting. There is no runtime file, command invocation API, or user-controlled shell input.
Faible
False Positive: Weak Cryptography Pattern in Prose
The weak cryptography findings occur in descriptive educational text, such as HTTPS guidance, accessibility requirements, and integration labels. No cryptographic algorithm, hashing function, or encryption implementation is present.
The matching lines are natural-language documentation guidance. I found no code that selects or uses a weak cryptographic primitive.
Faible
False Positive: System Reconnaissance Pattern in Review Guidance
The reconnaissance findings are ordinary writing-review instructions and readability metrics. They do not collect host, process, network, or environment information.
The flagged terms appear in static prose and section headings. No evidence was found for filesystem probing, environment inspection, or host reconnaissance.
Audité par: codex

Version de l’audit 1

Sûr

Jan 10, 2026, 09:28 AM

Pure prompt-based skill containing only documentation and guidelines. No executable code, network calls, file system access, or external commands. Risk level: safe.

1
Fichiers analysés
492
Lignes analysées
0
Review items
0
False positives ignored
Aucun problème de sécurité trouvé
Audité par: claude