Compétences routeros-fundamentals Historique des audits

📦

Historique des audits

routeros-fundamentals - 3 audits

Version de l’audit 3

Dernier Risque faible

May 9, 2026, 03:40 PM

This is a documentation-only skill providing RouterOS v7 domain knowledge. All 1893 static findings are false positives: backtick patterns are code examples in markdown documentation, not executable code; weak crypto references are cipher suite names in configuration examples; credential patterns are documentation references. No malicious code execution patterns exist. Skill is safe to publish.

Fichiers analysés

3,263

Lignes analysées

résultats

claude

Audité par

Problèmes à risque moyen (1)

references/async-commands-rest.md:10-203 references/bun-runtime-gotchas.md:5-99 references/device-mode-rest.md:3-202 references/scripting.md:5-329

External Command Pattern in Documentation

Markdown documentation contains backtick-delimited code examples showing RouterOS CLI commands that resemble shell backtick syntax. These are documentation examples, not executable code. The skill is documentation-only with no code execution capability.

Problèmes à risque faible (3)

references/routeros-users-rest.md:28-399 references/routeros-networking-rest.md:28-607 SKILL.md:58-96

Hardcoded URLs in Documentation

Documentation contains hardcoded URLs and IP addresses for demonstration purposes (e.g., 127.0.0.1:9100, example.com). These are example values for documentation clarity, not actual network connections.

references/routeros-users-rest.md:3-401 SKILL.md:117-123

Credential References in Documentation

Documentation references default credentials (admin:) and SSH key paths (id_ed25519.pub) for educational purposes. These are documentation patterns, not actual credentials.

references/version-parsing.md:12-14 references/rest-api-patterns.md:100-105

Version Parsing with Crypto Keywords

Version-parsing code includes strings like 'des-cbc', 'rc4', 'md5' in cipher suite documentation. These are RouterOS configuration values, not actual crypto operations.

Facteurs de risque

⚙️ Commandes externes (1518)

🌐 Accès réseau (278)

🔑 Variables d’environnement (2)

references/bun-runtime-gotchas.md:52 references/bun-runtime-gotchas.md:52

⚡ Contient des scripts (1)

references/routeros-users-rest.md:290

📁 Accès au système de fichiers (1)

references/version-parsing.md:76

Version de l’audit 2

Sûr

Apr 16, 2026, 09:03 PM

Security scan detected 1898 potential issues, but all are false positives. The skill consists entirely of markdown documentation files containing RouterOS v7 reference material. The static scanner misidentified markdown code fences (backticks around code blocks) as Ruby shell execution, API documentation examples as code implementation, and common networking terminology as command-and-control indicators. No executable code, no credential exfiltration, no network access, and no malicious patterns exist. This is legitimate educational documentation for MikroTik RouterOS administrators.

Fichiers analysés

3,265

Lignes analysées

résultats

claude

Audité par

Aucun problème de sécurité trouvé

Facteurs de risque

⚙️ Commandes externes (14)

SKILL.md:41-59 references/scripting.md:10-323 references/async-commands-rest.md:10-205 references/bun-runtime-gotchas.md:5-99 references/device-mode-rest.md:3-202 references/device-mode.md:5-68 references/extra-packages.md:6-89 references/licensing-rest.md:1-142 references/packages-rest.md:1-159 references/rest-api-patterns.md:9-152 references/routeros-firewall-rest.md:3-489 references/routeros-networking-rest.md:9-610 references/routeros-users-rest.md:1-401 references/version-parsing.md:5-146

🌐 Accès réseau (11)

SKILL.md:48-54 references/rest-api-patterns.md:19-126 references/routeros-firewall-rest.md:13-465 references/routeros-networking-rest.md:22-585 references/routeros-users-rest.md:28-397 references/device-mode-rest.md:174-177 references/packages-rest.md:47-111 references/licensing-rest.md:54-86 references/bun-runtime-gotchas.md:11-90 references/version-parsing.md:91-110 references/extra-packages.md:63-84

Version de l’audit 1

Risque faible

Mar 30, 2026, 02:06 AM

Static analyzer flagged 434 patterns but all are false positives on documentation content. The skill contains RouterOS CLI reference material and TypeScript usage examples - no executable code. External command patterns are RouterOS CLI syntax (/system/print), network patterns are documentation examples for REST API usage, and crypto/C2 keywords are version strings (rc=release candidate). Safe for publication with minor documentation risk warnings.

Fichiers analysés

804

Lignes analysées

résultats

claude

Audité par

Problèmes à risque faible (2)

references/device-mode.md:5-15 references/scripting.md:146-152

Documentation Contains System Command Examples

Skill documentation includes RouterOS CLI command examples that could be misused if users copy commands without understanding context. Commands like /system/reboot and /disk/format are documented for educational purposes.

SKILL.md:75-76 references/rest-api-patterns.md:98-106

Network Configuration Examples with Default Credentials

Documentation shows RouterOS default authentication pattern (admin with empty password) which is accurate for fresh installations but could normalize insecure practices if users do not change defaults.

Facteurs de risque

⚙️ Commandes externes (3)

SKILL.md:10-35 references/device-mode.md:5-63 references/scripting.md:5-163

🌐 Accès réseau (3)

SKILL.md:71-130 references/rest-api-patterns.md:19-150 references/version-parsing.md:90-145

📁 Accès au système de fichiers (1)

references/version-parsing.md:136-145

← Retour au skill