Historique des audits
chrome-extension-icons - 6 audits
Version de l’audit 6
Dernier Risque moyenJun 28, 2026, 04:23 PM
AI review did not confirm the static critical heuristic as malicious. Most backtick, weak-crypto, and hidden-file alerts are false positives from markdown fences, template literals, URLs, and the ~/.claude installation path. The real risk is medium because the skill runs a local Node script that downloads icons, reads SVG/config files, writes PNG files, and updates manifest.json paths.
Problèmes à risque moyen (2)
Problèmes à risque faible (3)
Facteurs de risque
⚡ Contient des scripts (2)
🌐 Accès réseau (4)
📁 Accès au système de fichiers (6)
⚙️ Commandes externes (4)
🔑 Variables d’environnement (1)
Motifs détectés
Version de l’audit 5
SûrJan 16, 2026, 08:13 PM
This skill is a legitimate icon generation tool for Chrome extensions. All detected patterns are false positives: documentation examples trigger command pattern detection, network requests are to the documented Iconify API, and filesystem operations are standard file writes to user-specified directories. No credential access, exfiltration, or malicious behavior present.
Problèmes à risque faible (2)
Facteurs de risque
🌐 Accès réseau (1)
📁 Accès au système de fichiers (1)
⚡ Contient des scripts (1)
Version de l’audit 4
SûrJan 16, 2026, 08:13 PM
This skill is a legitimate icon generation tool for Chrome extensions. All detected patterns are false positives: documentation examples trigger command pattern detection, network requests are to the documented Iconify API, and filesystem operations are standard file writes to user-specified directories. No credential access, exfiltration, or malicious behavior present.
Problèmes à risque faible (2)
Facteurs de risque
🌐 Accès réseau (1)
📁 Accès au système de fichiers (1)
⚡ Contient des scripts (1)
Version de l’audit 3
Risque faibleJan 10, 2026, 11:29 AM
This skill is a legitimate icon generation tool for Chrome extensions. It makes documented HTTPS requests to the Iconify API to search and download icons, converts SVG to PNG using the Sharp library, and updates manifest.json. All operations are confined to user-specified directories with no exfiltration or persistence mechanisms.
Problèmes à risque faible (2)
Facteurs de risque
🌐 Accès réseau (3)
📁 Accès au système de fichiers (3)
⚡ Contient des scripts (1)
Version de l’audit 2
Risque faibleJan 10, 2026, 11:29 AM
This skill is a legitimate icon generation tool for Chrome extensions. It makes documented HTTPS requests to the Iconify API to search and download icons, converts SVG to PNG using the Sharp library, and updates manifest.json. All operations are confined to user-specified directories with no exfiltration or persistence mechanisms.
Problèmes à risque faible (2)
Facteurs de risque
🌐 Accès réseau (3)
📁 Accès au système de fichiers (3)
⚡ Contient des scripts (1)
Version de l’audit 1
Risque faibleJan 10, 2026, 11:29 AM
This skill is a legitimate icon generation tool for Chrome extensions. It makes documented HTTPS requests to the Iconify API to search and download icons, converts SVG to PNG using the Sharp library, and updates manifest.json. All operations are confined to user-specified directories with no exfiltration or persistence mechanisms.