監査履歴
api-spectral - 6 監査
監査バージョン 6
最新 中リスクJun 28, 2026, 06:15 AM
Static analysis reported many command, network, filesystem, environment, script, and weak-crypto patterns. Manual review found these are mostly documentation examples, Spectral rules, and CI templates for security scanning, not hidden runtime behavior. One CI template includes a remote script piped to bash, so publication is acceptable only with a clear warning.
Capability review items (4)
These are real local capabilities that may be expected for this skill, so they require review but are not counted as confirmed malicious behavior.
リスク要因
⚙️ 外部コマンド (224)
🌐 ネットワークアクセス (30)
📁 ファイルシステムへのアクセス (9)
🔑 環境変数 (27)
⚡ スクリプトを含む (2)
検出されたパターン
監査バージョン 5
安全Jan 16, 2026, 03:16 PM
This is a documentation-only skill containing YAML configuration files and markdown guides for API security validation using Spectral. No executable scripts exist. All static findings are false positives triggered by example code patterns in documentation, YAML rule definitions that detect security issues (not use them), and CI/CD template placeholders.
リスク要因
⚙️ 外部コマンド (224)
🌐 ネットワークアクセス (30)
📁 ファイルシステムへのアクセス (9)
🔑 環境変数 (27)
⚡ スクリプトを含む (2)
監査バージョン 4
安全Jan 16, 2026, 03:16 PM
This is a documentation-only skill containing YAML configuration files and markdown guides for API security validation using Spectral. No executable scripts exist. All static findings are false positives triggered by example code patterns in documentation, YAML rule definitions that detect security issues (not use them), and CI/CD template placeholders.
リスク要因
⚙️ 外部コマンド (224)
🌐 ネットワークアクセス (30)
📁 ファイルシステムへのアクセス (9)
🔑 環境変数 (27)
⚡ スクリプトを含む (2)
監査バージョン 3
安全Jan 10, 2026, 10:18 AM
This is a documentation-only skill containing YAML configuration files and markdown guides for API security validation using Spectral. No executable scripts, no code execution paths, no network communications, and no file system modifications. All content is educational and procedural documentation for legitimate security tooling.
監査バージョン 2
安全Jan 10, 2026, 10:18 AM
This is a documentation-only skill containing YAML configuration files and markdown guides for API security validation using Spectral. No executable scripts, no code execution paths, no network communications, and no file system modifications. All content is educational and procedural documentation for legitimate security tooling.
監査バージョン 1
安全Jan 10, 2026, 10:18 AM
This is a documentation-only skill containing YAML configuration files and markdown guides for API security validation using Spectral. No executable scripts, no code execution paths, no network communications, and no file system modifications. All content is educational and procedural documentation for legitimate security tooling.