Audit history

type-safety-validation - 7 audits

Audit version 7

Latest - Low risk

Jun 28, 2026, 10:43 AM

The static analyzer flagged many high-risk patterns, but review shows they are markdown code fences, TypeScript examples, documentation URLs, and relative imports. No malicious behavior or prompt injection was found. One low-risk documentation issue remains because a sample tRPC mutation uses publicProcedure without showing authentication.

Files analyzed: 1
Lines analyzed: 326
Findings: 7
Audited by: codex

Low-risk issues (4)
Static Command Execution Detections Are Markdown False Positives
The external command findings point to markdown code fences and TypeScript sample blocks, not runnable Ruby or shell backtick execution. The skill contains instructional examples, and no executable script file or command invocation was found.
Network And Filesystem Detections Are Documentation Examples
The hardcoded URL findings are localhost, example API, and public documentation links. The filesystem findings are TypeScript method chaining and a relative import inside sample code, not hidden file access or path traversal.
Weak Crypto And Reconnaissance Detections Are Terminology False Positives
The blocker findings map to general TypeScript, Prisma, or decorator terminology such as descriptions, descending sort order, and type utilities. No hashing algorithm, host discovery, scanning logic, or reconnaissance behavior was present.
Sample Mutation Omits Authentication Context
The full-stack example uses publicProcedure for a create mutation and does not show authorization checks. This is not malicious, but users could copy the sample into a production API without adding access control.

Detected patterns

Unauthenticated Write Procedure In Sample Code

Audit version 6

Safe

Jan 21, 2026, 04:17 PM

Educational skill providing TypeScript type safety patterns and examples. All 61 static findings are false positives from pattern matching in documentation and code examples. No actual security risks detected.

Files analyzed: 2
Lines analyzed: 926
Findings: 0
Audited by: claude

No security issues found

Audit version 5

Medium risk

Jan 16, 2026, 05:16 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

Files analyzed: 2
Lines analyzed: 507
Findings: 3
Audited by: claude

No security issues found

Detected patterns

Hardcoded URL, Weak cryptographic algorithm, Ruby/shell backtick execution, Path traversal sequence, Hidden file access, System reconnaissance, Network reconnaissance

Audit version 4

Medium risk

Jan 16, 2026, 05:16 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

Files analyzed: 2
Lines analyzed: 507
Findings: 3
Audited by: claude

No security issues found

Detected patterns

Hardcoded URL, Weak cryptographic algorithm, Ruby/shell backtick execution, Path traversal sequence, Hidden file access, System reconnaissance, Network reconnaissance

Audit version 3

Safe

Jan 10, 2026, 10:54 AM

Pure documentation skill containing only educational content about type safety patterns. No executable code, no network operations, no file access, no external command execution. Risk factor evidence array is empty due to zero detected risk factors.

Files analyzed: 1
Lines analyzed: 326
Findings: 0
Audited by: claude

No security issues found

Audit version 2

Safe

Jan 10, 2026, 10:54 AM

Pure documentation skill containing only educational content about type safety patterns. No executable code, no network operations, no file access, no external command execution. Risk factor evidence array is empty due to zero detected risk factors.

Files analyzed: 1
Lines analyzed: 326
Findings: 0
Audited by: claude

No security issues found

Audit version 1

Safe

Jan 10, 2026, 10:54 AM

Pure documentation skill containing only educational content about type safety patterns. No executable code, no network operations, no file access, no external command execution. Risk factor evidence array is empty due to zero detected risk factors.

Files analyzed: 1
Lines analyzed: 326
Findings: 0
Audited by: claude

No security issues found