Historique des audits
using-beads-bv - 6 audits
Version de l’audit 6
Dernier Risque moyenJun 28, 2026, 06:05 AM
Static analysis flagged many shell-command patterns and several weak-crypto patterns. The weak-crypto detections are false positives, and the network finding is only a project link, but the skill does instruct agents to run bd, bv, and git commands that can alter local and remote state. No prompt injection, credential access, obfuscation, or data exfiltration intent was found in SKILL.md.
Problèmes à risque moyen (2)
Problèmes à risque faible (2)
Facteurs de risque
⚙️ Commandes externes (7)
🌐 Accès réseau (1)
Motifs détectés
Version de l’audit 5
SûrJan 16, 2026, 03:00 PM
Pure documentation skill containing only markdown guidance for using beads/bv CLI tools. No executable code, no network calls, no file system access, no command execution. All 61 static findings are false positives from misinterpreting markdown command examples as executable backtick syntax.
Facteurs de risque
⚙️ Commandes externes (27)
🌐 Accès réseau (1)
Version de l’audit 4
SûrJan 16, 2026, 03:00 PM
Pure documentation skill containing only markdown guidance for using beads/bv CLI tools. No executable code, no network calls, no file system access, no command execution. All 61 static findings are false positives from misinterpreting markdown command examples as executable backtick syntax.
Facteurs de risque
⚙️ Commandes externes (27)
🌐 Accès réseau (1)
Version de l’audit 3
SûrJan 10, 2026, 10:26 AM
Pure documentation skill containing only markdown guidance for using beads/bv CLI tools. No executable code, no network calls, no file system access, no command execution. Risk level is safe.
Version de l’audit 2
SûrJan 10, 2026, 10:26 AM
Pure documentation skill containing only markdown guidance for using beads/bv CLI tools. No executable code, no network calls, no file system access, no command execution. Risk level is safe.
Version de l’audit 1
SûrJan 10, 2026, 10:26 AM
Pure documentation skill containing only markdown guidance for using beads/bv CLI tools. No executable code, no network calls, no file system access, no command execution. Risk level is safe.