Audit history
pytm - 6 audits
Audit version 6
Latest, medium risk, Jun 28, 2026, 05:55 AM
Static analysis reported many command, network, credential, C2, and weak-crypto patterns, but review shows most are markdown examples, security taxonomy terms, or reference links. No prompt injection or malicious intent was found in SKILL.md. The remaining risk is legitimate guidance that includes package installation and sudo commands, so publication should include a command-execution warning.
Medium-risk issues (1)
Low-risk issues (3)
Risk factors
🌐 Network access (2)
Detected patterns
Audit version 5
Safe, Jan 16, 2026, 03:54 PM
Pure documentation skill containing only YAML frontmatter and markdown documentation teaching threat modeling concepts with the pytm library. No executable code, scripts, network calls, filesystem access, environment variable reads, or command execution capabilities are present. All static findings are false positives triggered by documentation patterns, not actual security risks.
Risk factors
🌐 Network access (10)
⚙️ External commands (55)
Audit version 4
Safe, Jan 16, 2026, 03:54 PM
Pure documentation skill containing only YAML frontmatter and markdown documentation teaching threat modeling concepts with the pytm library. No executable code, scripts, network calls, filesystem access, environment variable reads, or command execution capabilities are present. All static findings are false positives triggered by documentation patterns, not actual security risks.
Risk factors
🌐 Network access (10)
⚙️ External commands (55)
Audit version 3
Safe, Jan 10, 2026, 10:52 AM
Pure documentation skill containing no executable code. Only contains YAML frontmatter and markdown documentation teaching threat modeling concepts with the pytm library. No scripts, network calls, filesystem access, environment variable reads, or command execution capabilities present.
Audit version 2
Safe, Jan 10, 2026, 10:52 AM
Pure documentation skill containing no executable code. Only contains YAML frontmatter and markdown documentation teaching threat modeling concepts with the pytm library. No scripts, network calls, filesystem access, environment variable reads, or command execution capabilities present.
Audit version 1
Safe, Jan 10, 2026, 10:52 AM
Pure documentation skill containing no executable code. Only contains YAML frontmatter and markdown documentation teaching threat modeling concepts with the pytm library. No scripts, network calls, filesystem access, environment variable reads, or command execution capabilities present.