Compétences hypogenic Historique des audits
📊

Historique des audits

hypogenic - 6 audits

Version de l’audit 6

Dernier Risque faible

Jan 21, 2026, 05:27 PM

This scientific hypothesis generation skill was scanned with 126 potential issues detected. After evaluation, all findings are false positives: environment variable references for API keys follow security best practices; hardcoded URLs are legitimate documentation links; shell command examples are user setup instructions; no actual cryptographic code or command-and-control patterns exist. The skill makes normal LLM API calls for hypothesis generation, which is expected functionality.

3
Fichiers analysés
2,075
Lignes analysées
2
résultats
claude
Audité par
Aucun problème de sécurité trouvé

Facteurs de risque

🌐 Accès réseau (4)
SKILL.md:24 SKILL.md:544 SKILL.md:564 SKILL.md:603-604
⚙️ Commandes externes (3)
SKILL.md:19-31 SKILL.md:123-125 SKILL.md:233-235

Version de l’audit 5

Risque moyen

Jan 17, 2026, 07:51 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

3
Fichiers analysés
1,017
Lignes analysées
3
résultats
claude
Audité par
Aucun problème de sécurité trouvé

Facteurs de risque

🔑 Variables d’environnement (2)
references/config_template.yaml:17 references/config_template.yaml:17
🌐 Accès réseau (18)
skill-report.json:6 SKILL.md:24 SKILL.md:135 SKILL.md:138 SKILL.md:290 SKILL.md:316 SKILL.md:544 SKILL.md:556 SKILL.md:564 SKILL.md:565 SKILL.md:577 SKILL.md:585 SKILL.md:595 SKILL.md:603 SKILL.md:604 SKILL.md:606 SKILL.md:614 SKILL.md:617
⚙️ Commandes externes (80)
SKILL.md:19-31 SKILL.md:31-35 SKILL.md:35-46 SKILL.md:46-123 SKILL.md:123-125 SKILL.md:125-133 SKILL.md:133-139 SKILL.md:139-146 SKILL.md:146-147 SKILL.md:147-148 SKILL.md:148-151 SKILL.md:151 SKILL.md:151-152 SKILL.md:152-155 SKILL.md:155-170 SKILL.md:170-174 SKILL.md:174-175 SKILL.md:175 SKILL.md:175-179 SKILL.md:179-191 SKILL.md:191 SKILL.md:191-196 SKILL.md:196-224 SKILL.md:224-226 SKILL.md:226-233 SKILL.md:233-235 SKILL.md:235-238 SKILL.md:238-241 SKILL.md:241-248 SKILL.md:248-256 SKILL.md:256-258 SKILL.md:258-269 SKILL.md:269-271 SKILL.md:271-286 SKILL.md:286-310 SKILL.md:310-314 SKILL.md:314-329 SKILL.md:329-333 SKILL.md:333-342 SKILL.md:342-346 SKILL.md:346-348 SKILL.md:348-360 SKILL.md:360-362 SKILL.md:362-372 SKILL.md:372-374 SKILL.md:374-376 SKILL.md:376-378 SKILL.md:378-380 SKILL.md:380-390 SKILL.md:390-392 SKILL.md:392-394 SKILL.md:394-406 SKILL.md:406-408 SKILL.md:408-430 SKILL.md:430-436 SKILL.md:436-439 SKILL.md:439-448 SKILL.md:448-449 SKILL.md:449-450 SKILL.md:450-452 SKILL.md:452 SKILL.md:452-460 SKILL.md:460 SKILL.md:460-466 SKILL.md:466-488 SKILL.md:488-493 SKILL.md:493-496 SKILL.md:496-502 SKILL.md:502-508 SKILL.md:508-514 SKILL.md:514-530 SKILL.md:530-548 SKILL.md:548-558 SKILL.md:558-569 SKILL.md:569-579 SKILL.md:579-589 SKILL.md:589-597 SKILL.md:597-612 SKILL.md:612-618 SKILL.md:618-632

Motifs détectés

Generic API/secret keysWeak cryptographic algorithmHardcoded URLC2 keywordsRuby/shell backtick executionSystem reconnaissance[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access

Version de l’audit 4

Risque moyen

Jan 17, 2026, 07:51 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

3
Fichiers analysés
1,017
Lignes analysées
3
résultats
claude
Audité par
Aucun problème de sécurité trouvé

Facteurs de risque

🔑 Variables d’environnement (2)
references/config_template.yaml:17 references/config_template.yaml:17
🌐 Accès réseau (18)
skill-report.json:6 SKILL.md:24 SKILL.md:135 SKILL.md:138 SKILL.md:290 SKILL.md:316 SKILL.md:544 SKILL.md:556 SKILL.md:564 SKILL.md:565 SKILL.md:577 SKILL.md:585 SKILL.md:595 SKILL.md:603 SKILL.md:604 SKILL.md:606 SKILL.md:614 SKILL.md:617
⚙️ Commandes externes (80)
SKILL.md:19-31 SKILL.md:31-35 SKILL.md:35-46 SKILL.md:46-123 SKILL.md:123-125 SKILL.md:125-133 SKILL.md:133-139 SKILL.md:139-146 SKILL.md:146-147 SKILL.md:147-148 SKILL.md:148-151 SKILL.md:151 SKILL.md:151-152 SKILL.md:152-155 SKILL.md:155-170 SKILL.md:170-174 SKILL.md:174-175 SKILL.md:175 SKILL.md:175-179 SKILL.md:179-191 SKILL.md:191 SKILL.md:191-196 SKILL.md:196-224 SKILL.md:224-226 SKILL.md:226-233 SKILL.md:233-235 SKILL.md:235-238 SKILL.md:238-241 SKILL.md:241-248 SKILL.md:248-256 SKILL.md:256-258 SKILL.md:258-269 SKILL.md:269-271 SKILL.md:271-286 SKILL.md:286-310 SKILL.md:310-314 SKILL.md:314-329 SKILL.md:329-333 SKILL.md:333-342 SKILL.md:342-346 SKILL.md:346-348 SKILL.md:348-360 SKILL.md:360-362 SKILL.md:362-372 SKILL.md:372-374 SKILL.md:374-376 SKILL.md:376-378 SKILL.md:378-380 SKILL.md:380-390 SKILL.md:390-392 SKILL.md:392-394 SKILL.md:394-406 SKILL.md:406-408 SKILL.md:408-430 SKILL.md:430-436 SKILL.md:436-439 SKILL.md:439-448 SKILL.md:448-449 SKILL.md:449-450 SKILL.md:450-452 SKILL.md:452 SKILL.md:452-460 SKILL.md:460 SKILL.md:460-466 SKILL.md:466-488 SKILL.md:488-493 SKILL.md:493-496 SKILL.md:496-502 SKILL.md:502-508 SKILL.md:508-514 SKILL.md:514-530 SKILL.md:530-548 SKILL.md:548-558 SKILL.md:558-569 SKILL.md:569-579 SKILL.md:579-589 SKILL.md:589-597 SKILL.md:597-612 SKILL.md:612-618 SKILL.md:618-632

Motifs détectés

Generic API/secret keysWeak cryptographic algorithmHardcoded URLC2 keywordsRuby/shell backtick executionSystem reconnaissance[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access

Version de l’audit 3

Risque moyen

Jan 12, 2026, 04:30 PM

The skill contains legitimate research tooling with some security considerations. External command execution is used for academic tools like GROBID PDF processing, not malicious purposes. API key access is standard for LLM integration. The 'C2 keywords' finding appears to be a false positive - the context is academic citations, not command & control infrastructure.

2
Fichiers analysés
806
Lignes analysées
5
résultats
claude
Audité par
Problèmes à risque moyen (1)
SKILL.md:233SKILL.md:243
External command execution for GROBID PDF processing
External commands are used to set up and run GROBID for PDF literature processing. GROBID is a legitimate open-source academic tool for extracting structured information from scientific PDFs. The bash scripts in modules/ directory are used for academic research purposes, not for malicious activities.
Problèmes à risque faible (1)
SKILL.md:24SKILL.md:135
Hardcoded URLs to academic resources
The skill references hardcoded URLs pointing to legitimate academic resources including arXiv papers, GitHub repositories for the ChicagoHAI research group, and PyPI package distribution. These URLs are for accessing open-source research tools and datasets essential to the skill's functionality.

Facteurs de risque

🔑 Variables d’environnement (1)
references/config_template.yaml:17
⚙️ Commandes externes (2)
SKILL.md:233 SKILL.md:243
🌐 Accès réseau (2)
SKILL.md:24 SKILL.md:135

Version de l’audit 2

Risque moyen

Jan 12, 2026, 04:30 PM

The skill contains legitimate research tooling with some security considerations. External command execution is used for academic tools like GROBID PDF processing, not malicious purposes. API key access is standard for LLM integration. The 'C2 keywords' finding appears to be a false positive - the context is academic citations, not command & control infrastructure.

2
Fichiers analysés
806
Lignes analysées
5
résultats
claude
Audité par
Problèmes à risque moyen (1)
SKILL.md:233SKILL.md:243
External command execution for GROBID PDF processing
External commands are used to set up and run GROBID for PDF literature processing. GROBID is a legitimate open-source academic tool for extracting structured information from scientific PDFs. The bash scripts in modules/ directory are used for academic research purposes, not for malicious activities.
Problèmes à risque faible (1)
SKILL.md:24SKILL.md:135
Hardcoded URLs to academic resources
The skill references hardcoded URLs pointing to legitimate academic resources including arXiv papers, GitHub repositories for the ChicagoHAI research group, and PyPI package distribution. These URLs are for accessing open-source research tools and datasets essential to the skill's functionality.

Facteurs de risque

🔑 Variables d’environnement (1)
references/config_template.yaml:17
⚙️ Commandes externes (2)
SKILL.md:233 SKILL.md:243
🌐 Accès réseau (2)
SKILL.md:24 SKILL.md:135

Version de l’audit 1

Sûr

Jan 4, 2026, 04:39 PM

The skill files are pure documentation and configuration templates. No executable code exists in the skill directory. All described functionality (CLI commands, Python API, Redis caching) refers to an external hypogenic package that users install separately. The skill itself only provides guidance, templates, and usage instructions for Claude to help users work with this external package.

5
Fichiers analysés
1,036
Lignes analysées
1
résultats
claude
Audité par
Aucun problème de sécurité trouvé

Facteurs de risque

🌐 Accès réseau (1)
references/config_template.yaml:15-19
← Retour au skill