Compétences ai-architect-lite Historique des audits
📦

Historique des audits

ai-architect-lite - 6 audits

Version de l’audit 6

Dernier Risque moyen

Jun 28, 2026, 08:29 PM

Static analysis reported many high-risk patterns, but most are false positives from Markdown backticks, documentation examples, Chinese text entropy, and security guidance that mentions secrets. No prompt injection, network exfiltration, shell spawning, or credential access was found. The confirmed risk is local filesystem modification through bundled helper scripts, which is legitimate for this workflow but should be disclosed to users.

10
Fichiers analysés
749
Lignes analysées
8
résultats
codex
Audité par
Problèmes à risque moyen (2)
Local Filesystem Writes from Helper Scripts
The bundled helpers can create .ai_context/03_ACTIVE_TASK.md and write plan output to a user-selected path. This matches the skill purpose, but users should review paths before execution because local files can be created or overwritten.
User-Supplied Output Paths Need Review
The plan helper accepts an --out path and resolves it before writing. Its traversal check is not a strong project-root boundary, so a user-provided absolute path can target locations outside the current repository.
Problèmes à risque faible (3)
Static Shell Execution Matches Are Documentation Examples
The reported Ruby or shell backtick detections are Markdown inline code, fenced examples, or command examples. I did not find code that invokes a shell, subprocess, eval, or dynamic execution.
Network and Credential Static Matches Are False Positives
The network match is contribution text, and the environment-file match is security guidance warning users not to commit secrets. I did not find network requests or credential reads.
High Entropy Heuristics Are Caused by Multilingual Documentation
The high entropy findings occur in Markdown files containing Chinese text, symbols, and examples. No encoded payload, binary blob, or obfuscated code was found in those files.

Motifs détectés

File Creation and Overwrite APIs

Version de l’audit 5

Risque moyen

Jan 16, 2026, 08:58 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

11
Fichiers analysés
1,028
Lignes analysées
3
résultats
claude
Audité par
Aucun problème de sécurité trouvé

Facteurs de risque

⚙️ Commandes externes (77)
🌐 Accès réseau (1)
📁 Accès au système de fichiers (4)

Motifs détectés

Ruby/shell backtick executionWeak cryptographic algorithmPython HTTP librariesSystem reconnaissanceEnvironment file accessPath traversal sequenceHidden file access[HEURISTIC] High file entropy (6.30 bits) - possible binary/encrypted content[HEURISTIC] High file entropy (7.04 bits) - possible binary/encrypted content[HEURISTIC] High file entropy (7.06 bits) - possible binary/encrypted content[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

Version de l’audit 4

Risque moyen

Jan 16, 2026, 08:58 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

11
Fichiers analysés
1,028
Lignes analysées
3
résultats
claude
Audité par
Aucun problème de sécurité trouvé

Facteurs de risque

⚙️ Commandes externes (77)
🌐 Accès réseau (1)
📁 Accès au système de fichiers (4)

Motifs détectés

Ruby/shell backtick executionWeak cryptographic algorithmPython HTTP librariesSystem reconnaissanceEnvironment file accessPath traversal sequenceHidden file access[HEURISTIC] High file entropy (6.30 bits) - possible binary/encrypted content[HEURISTIC] High file entropy (7.04 bits) - possible binary/encrypted content[HEURISTIC] High file entropy (7.06 bits) - possible binary/encrypted content[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

Version de l’audit 3

Risque faible

Jan 10, 2026, 12:02 PM

Pure prompt-based Claude skill with two local utility scripts. Scripts access local filesystem only within project root with proper path traversal protection. No network calls, no credential access, no external command execution. Minimal security footprint with Python standard library only.

11
Fichiers analysés
699
Lignes analysées
2
résultats
claude
Audité par
Problèmes à risque faible (1)
Local filesystem access in utility scripts
Both Python scripts access the local filesystem to create and write files within the project root. append_log.py creates `.ai_context/03_ACTIVE_TASK.md` and appends log entries. plan_helper.py writes plan templates to files. These operations include path traversal protection (lines 76-79 in plan_helper.py, lines 62-75 in append_log.py) and are scoped to the project directory as documented. This is necessary for the skill's purpose of maintaining project context.

Version de l’audit 2

Risque faible

Jan 10, 2026, 12:02 PM

Pure prompt-based Claude skill with two local utility scripts. Scripts access local filesystem only within project root with proper path traversal protection. No network calls, no credential access, no external command execution. Minimal security footprint with Python standard library only.

11
Fichiers analysés
699
Lignes analysées
2
résultats
claude
Audité par
Problèmes à risque faible (1)
Local filesystem access in utility scripts
Both Python scripts access the local filesystem to create and write files within the project root. append_log.py creates `.ai_context/03_ACTIVE_TASK.md` and appends log entries. plan_helper.py writes plan templates to files. These operations include path traversal protection (lines 76-79 in plan_helper.py, lines 62-75 in append_log.py) and are scoped to the project directory as documented. This is necessary for the skill's purpose of maintaining project context.

Version de l’audit 1

Risque faible

Jan 10, 2026, 12:02 PM

Pure prompt-based Claude skill with two local utility scripts. Scripts access local filesystem only within project root with proper path traversal protection. No network calls, no credential access, no external command execution. Minimal security footprint with Python standard library only.

11
Fichiers analysés
699
Lignes analysées
2
résultats
claude
Audité par
Problèmes à risque faible (1)
Local filesystem access in utility scripts
Both Python scripts access the local filesystem to create and write files within the project root. append_log.py creates `.ai_context/03_ACTIVE_TASK.md` and appends log entries. plan_helper.py writes plan templates to files. These operations include path traversal protection (lines 76-79 in plan_helper.py, lines 62-75 in append_log.py) and are scoped to the project directory as documented. This is necessary for the skill's purpose of maintaining project context.