Compétences research-lookup Historique des audits
🔬

Historique des audits

research-lookup - 4 audits

Version de l’audit 4

Dernier Risque faible

Jan 17, 2026, 06:22 AM

This is a legitimate academic research tool that makes API calls to OpenRouter for literature searches. All 146 static findings are false positives: (1) API key environment reads are standard authentication for OPENROUTER_API_KEY, (2) network calls target the legitimate OpenRouter API endpoint, (3) 'external commands' flagged in SKILL.md are documentation examples showing command syntax, not runtime code execution, and (4) 'weak cryptographic algorithm' mentions are ML architecture names (transformer, RNN) misidentified as cryptographic algorithms. No malicious patterns detected after intent analysis.

6
Fichiers analysés
2,314
Lignes analysées
4
résultats
claude
Audité par
Aucun problème de sécurité trouvé

Facteurs de risque

🔑 Variables d’environnement (4)
scripts/research_lookup.py:44-46 scripts/lookup.py:152-155 scripts/examples.py:133-136 scripts/examples.py:152
🌐 Accès réseau (7)
scripts/research_lookup.py:48-53 scripts/research_lookup.py:88 scripts/research_lookup.py:102 scripts/research_lookup.py:110 scripts/research_lookup.py:191 scripts/research_lookup.py:323 scripts/research_lookup.py:341
📁 Accès au système de fichiers (1)
scripts/research_lookup.py:371
⚙️ Commandes externes (4)
SKILL.md:41-43 SKILL.md:70-76 SKILL.md:89-95 SKILL.md:108-114

Version de l’audit 3

Risque faible

Jan 17, 2026, 06:22 AM

This is a legitimate academic research tool that makes API calls to OpenRouter for literature searches. All 146 static findings are false positives: (1) API key environment reads are standard authentication for OPENROUTER_API_KEY, (2) network calls target the legitimate OpenRouter API endpoint, (3) 'external commands' flagged in SKILL.md are documentation examples showing command syntax, not runtime code execution, and (4) 'weak cryptographic algorithm' mentions are ML architecture names (transformer, RNN) misidentified as cryptographic algorithms. No malicious patterns detected after intent analysis.

6
Fichiers analysés
2,314
Lignes analysées
4
résultats
claude
Audité par
Aucun problème de sécurité trouvé

Facteurs de risque

🔑 Variables d’environnement (4)
scripts/research_lookup.py:44-46 scripts/lookup.py:152-155 scripts/examples.py:133-136 scripts/examples.py:152
🌐 Accès réseau (7)
scripts/research_lookup.py:48-53 scripts/research_lookup.py:88 scripts/research_lookup.py:102 scripts/research_lookup.py:110 scripts/research_lookup.py:191 scripts/research_lookup.py:323 scripts/research_lookup.py:341
📁 Accès au système de fichiers (1)
scripts/research_lookup.py:371
⚙️ Commandes externes (4)
SKILL.md:41-43 SKILL.md:70-76 SKILL.md:89-95 SKILL.md:108-114

Version de l’audit 2

Sûr

Jan 12, 2026, 04:44 PM

This is a legitimate academic research tool that makes API calls to OpenRouter for literature searches. The static scanner flagged 127 potential issues, but all are false positives: (1) API key environment reads are standard authentication, (2) network calls target the legitimate OpenRouter API, (3) 'external commands' flagged in SKILL.md are documentation examples, not code, and (4) 'weak cryptographic algorithm' mentions are ML architecture names (transformer, RNN) misidentified as crypto. No malicious patterns detected.

4
Fichiers analysés
1,346
Lignes analysées
4
résultats
claude
Audité par
Aucun problème de sécurité trouvé

Facteurs de risque

🔑 Variables d’environnement (27)
scripts/examples.py:152 scripts/examples.py:135 scripts/examples.py:135 scripts/examples.py:133 scripts/examples.py:135 scripts/examples.py:136 scripts/examples.py:152 scripts/lookup.py:152 scripts/lookup.py:152 scripts/lookup.py:152 scripts/lookup.py:153 scripts/lookup.py:155 scripts/lookup.py:155 scripts/research_lookup.py:44 scripts/research_lookup.py:381 scripts/research_lookup.py:44 scripts/research_lookup.py:381 scripts/research_lookup.py:44 scripts/research_lookup.py:44 scripts/research_lookup.py:45 scripts/research_lookup.py:46 scripts/research_lookup.py:51 scripts/research_lookup.py:381 scripts/research_lookup.py:382 scripts/research_lookup.py:384 scripts/research_lookup.py:384 SKILL.md:248
🌐 Accès réseau (10)
scripts/research_lookup.py:88 scripts/research_lookup.py:191 scripts/research_lookup.py:102 scripts/research_lookup.py:110 scripts/research_lookup.py:323 scripts/research_lookup.py:341 scripts/research_lookup.py:48 scripts/research_lookup.py:53 scripts/research_lookup.py:290 scripts/research_lookup.py:303
📁 Accès au système de fichiers (1)
scripts/research_lookup.py:371
⚙️ Commandes externes (64)
SKILL.md:41-43 SKILL.md:43-70 SKILL.md:70-76 SKILL.md:76-89 SKILL.md:89-95 SKILL.md:95-108 SKILL.md:108-114 SKILL.md:114-127 SKILL.md:127-133 SKILL.md:133-148 SKILL.md:148-158 SKILL.md:158-174 SKILL.md:174 SKILL.md:174 SKILL.md:174 SKILL.md:174 SKILL.md:174 SKILL.md:174-175 SKILL.md:175 SKILL.md:175 SKILL.md:175 SKILL.md:175 SKILL.md:175 SKILL.md:175-176 SKILL.md:176 SKILL.md:176 SKILL.md:176 SKILL.md:176-177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177 SKILL.md:177-178 SKILL.md:178 SKILL.md:178 SKILL.md:178 SKILL.md:178-179 SKILL.md:179 SKILL.md:179 SKILL.md:179 SKILL.md:179 SKILL.md:179-180 SKILL.md:180 SKILL.md:180 SKILL.md:180 SKILL.md:180 SKILL.md:180-181 SKILL.md:181 SKILL.md:181 SKILL.md:181-206 SKILL.md:206-208 SKILL.md:208-217 SKILL.md:217-220 SKILL.md:220-229 SKILL.md:229-239 SKILL.md:239-240 SKILL.md:240-242 SKILL.md:242-248 SKILL.md:248-293 SKILL.md:293-310 SKILL.md:310-312

Version de l’audit 1

Risque faible

Jan 5, 2026, 04:14 PM

Legitimate research lookup skill. Makes API calls to OpenRouter for Perplexity Sonar models. Reads OPENROUTER_API_KEY for authentication. No suspicious patterns detected.

6
Fichiers analysés
1,226
Lignes analysées
2
résultats
claude
Audité par
Aucun problème de sécurité trouvé

Facteurs de risque

🌐 Accès réseau (2)
scripts/research_lookup.py:102-107 scripts/research_lookup.py:305-308
🔑 Variables d’environnement (2)
scripts/research_lookup.py:44-46 scripts/research_lookup.py:330-331
← Retour au skill