Compétences diffdock Historique des audits
🧬

Historique des audits

diffdock - 4 audits

Version de l’audit 4

Dernier Sûr

Jan 17, 2026, 06:46 AM

The static analysis flagged 295 potential issues, but ALL are FALSE POSITIVES. The scanner incorrectly identified scientific protein sequences (GFP containing 'SAM') as Windows SAM database references, scientific paper citations as weak cryptographic algorithms, standard Python loops as C2 beacon patterns, and markdown code block syntax as shell execution. This is a legitimate molecular docking research tool with no malicious intent or security vulnerabilities.

10
Fichiers analysés
2,493
Lignes analysées
4
résultats
claude
Audité par
Aucun problème de sécurité trouvé

Facteurs de risque

⚙️ Commandes externes (4)
SKILL.md:42-470 references/confidence_and_limitations.md:146-166 references/parameters_reference.md:8-159 references/workflows_examples.md:9-377
🌐 Accès réseau (2)
SKILL.md:53-480 scripts/setup_check.py:179-194
📁 Accès au système de fichiers (2)
scripts/analyze_results.py:214 references/workflows_examples.md:290
⚡ Contient des scripts (1)
scripts/setup_check.py:40

Version de l’audit 3

Sûr

Jan 17, 2026, 06:46 AM

The static analysis flagged 295 potential issues, but ALL are FALSE POSITIVES. The scanner incorrectly identified scientific protein sequences (GFP containing 'SAM') as Windows SAM database references, scientific paper citations as weak cryptographic algorithms, standard Python loops as C2 beacon patterns, and markdown code block syntax as shell execution. This is a legitimate molecular docking research tool with no malicious intent or security vulnerabilities.

10
Fichiers analysés
2,493
Lignes analysées
4
résultats
claude
Audité par
Aucun problème de sécurité trouvé

Facteurs de risque

⚙️ Commandes externes (4)
SKILL.md:42-470 references/confidence_and_limitations.md:146-166 references/parameters_reference.md:8-159 references/workflows_examples.md:9-377
🌐 Accès réseau (2)
SKILL.md:53-480 scripts/setup_check.py:179-194
📁 Accès au système de fichiers (2)
scripts/analyze_results.py:214 references/workflows_examples.md:290
⚡ Contient des scripts (1)
scripts/setup_check.py:40

Version de l’audit 2

Sûr

Jan 12, 2026, 04:19 PM

The static analysis flagged numerous false positives from documentation files containing bash command examples. No actual security vulnerabilities were found in the executable code. The skill is a legitimate scientific tool for molecular docking research.

9
Fichiers analysés
2,188
Lignes analysées
4
résultats
claude
Audité par
Aucun problème de sécurité trouvé

Facteurs de risque

⚙️ Commandes externes (3)
references/workflows_examples.md:9-12 references/parameters_reference.md:8-15 SKILL.md:42-45
🌐 Accès réseau (2)
scripts/setup_check.py:179-194 SKILL.md:53
📁 Accès au système de fichiers (2)
scripts/analyze_results.py:214 references/workflows_examples.md:290
⚡ Contient des scripts (1)
scripts/setup_check.py:40

Version de l’audit 1

Risque faible

Jan 4, 2026, 05:11 PM

The skill includes local helper scripts that read and write user-specified files for validation and reporting. No network access, credential harvesting, or command execution was found. This is a legitimate scientific tool wrapper.

11
Fichiers analysés
2,440
Lignes analysées
3
résultats
claude
Audité par
Problèmes à risque faible (1)
scripts/analyze_results.py:91-109scripts/analyze_results.py:214-231
Reads and writes user-specified files
The scripts read local result files and write CSV summaries, for example `with open(confidence_file) as f:` and `with open(output_path, 'w', newline='') as f:`. This is expected for validation and reporting, but it means the skill can access any file path a user provides, which could expose sensitive data if misused.

Facteurs de risque

⚡ Contient des scripts (3)
scripts/setup_check.py:1-5 scripts/prepare_batch_csv.py:1-5 scripts/analyze_results.py:1-5
📁 Accès au système de fichiers (3)
scripts/prepare_batch_csv.py:44-56 scripts/analyze_results.py:91-109 scripts/analyze_results.py:214-231
← Retour au skill