Audit history
commit-drafter - 5 audits
Audit version 5
Latest | Safe | Jan 16, 2026, 02:45 PM
This skill is a legitimate git utility. The static scanner flagged 20 patterns, but all are false positives. The scanner misidentified Markdown backticks as shell execution, JSON text as cryptographic algorithms, and a source URL as a network vulnerability. The code only runs hardcoded read-only git commands (status, diff, rev-parse) with argument lists and timeouts.
Risk factors
⚙️ External commands (1)
📁 Filesystem access (1)
Audit version 4
Safe | Jan 16, 2026, 02:45 PM
This skill is a legitimate git utility. The static scanner flagged 20 patterns, but all are false positives. The scanner misidentified Markdown backticks as shell execution, JSON text as cryptographic algorithms, and a source URL as a network vulnerability. The code only runs hardcoded read-only git commands (status, diff, rev-parse) with argument lists and timeouts.
Risk factors
⚙️ External commands (1)
📁 Filesystem access (1)
Audit version 3
Low risk | Jan 10, 2026, 09:52 AM
This skill is a legitimate git utility that analyzes staged changes to help draft commit messages. It uses subprocess to run read-only git commands (status, diff, rev-parse) with hardcoded arguments. No network calls, no arbitrary command execution, no file access outside the git repository.
Risk factors
⚙️ External commands (1)
📁 Filesystem access (3)
Audit version 2
Low risk | Jan 10, 2026, 09:52 AM
This skill is a legitimate git utility that analyzes staged changes to help draft commit messages. It uses subprocess to run read-only git commands (status, diff, rev-parse) with hardcoded arguments. No network calls, no arbitrary command execution, no file access outside the git repository.
Risk factors
⚙️ External commands (1)
📁 Filesystem access (3)
Audit version 1
Low risk | Jan 10, 2026, 09:52 AM
This skill is a legitimate git utility that analyzes staged changes to help draft commit messages. It uses subprocess to run read-only git commands (status, diff, rev-parse) with hardcoded arguments. No network calls, no arbitrary command execution, no file access outside the git repository.