📦

監査履歴

prototype-to-production - 6 監査

監査バージョン 6

最新 低リスク

Jun 28, 2026, 10:15 AM

Static analysis reported command execution, network, weak cryptography, credential, and combined-risk patterns, but review found these are documentation and template false positives. The skill contains Markdown examples, SVG namespace URLs, and design token wording, with no evidence of real shell execution, external requests, secret access, weak crypto use, or prompt injection. Publication is reasonable with a low-risk filesystem warning because the workflow reads project files and generates component files.

5
スキャンされたファイル
1,063
解析済み行数
5
検出結果
codex
監査者
低リスクの問題 (4)
Filesystem Project Inspection and Code Generation
The workflow asks the agent to inspect package.json, TypeScript configuration, styling files, and theme CSS, then provide file placement and component integration guidance. This is legitimate for a prototype conversion skill, but users should review generated file changes before applying them.
Static Command Execution Findings Are Documentation Examples
The external command detections correspond to Markdown inline code, JSX examples, TypeScript snippets, and conversion tables. No evidence found of executable shell commands, Ruby backticks, child process APIs, or dynamic code execution.
Static Network Findings Are Non-Request URLs
The hardcoded URL detections are an external JSON schema identifier and SVG namespace attributes. No evidence found of fetch, axios, curl, webhook endpoints, or data exfiltration behavior.
Static Weak Crypto and Credential Findings Are Token Collisions
The weak cryptography and certificate-key detections appear to match words such as design tokens, theme tokens, and event.key. No evidence found of MD5, SHA-1, certificate files, private keys, encryption code, or secret handling.

リスク要因

📁 ファイルシステムへのアクセス (3)

監査バージョン 5

安全

Jan 16, 2026, 04:58 PM

Pure documentation skill with no executable code. Static findings are false positives caused by the scanner misinterpreting React/TypeScript syntax (className, onClick) as shell commands and cryptographic patterns. No scripts, network calls, or credential access exist in this skill.

6
スキャンされたファイル
1,283
解析済み行数
2
検出結果
claude
監査者
セキュリティ問題は見つかりませんでした

リスク要因

⚙️ 外部コマンド (141)
references/conversion-patterns.md:11 references/conversion-patterns.md:11 references/conversion-patterns.md:12 references/conversion-patterns.md:12 references/conversion-patterns.md:13 references/conversion-patterns.md:13 references/conversion-patterns.md:14 references/conversion-patterns.md:14 references/conversion-patterns.md:15 references/conversion-patterns.md:15 references/conversion-patterns.md:16 references/conversion-patterns.md:16 references/conversion-patterns.md:22 references/conversion-patterns.md:22 references/conversion-patterns.md:23 references/conversion-patterns.md:23 references/conversion-patterns.md:24 references/conversion-patterns.md:24 references/conversion-patterns.md:25 references/conversion-patterns.md:25 references/conversion-patterns.md:26 references/conversion-patterns.md:26 references/conversion-patterns.md:27 references/conversion-patterns.md:27 references/conversion-patterns.md:31-39 references/conversion-patterns.md:39-45 references/conversion-patterns.md:45-51 references/conversion-patterns.md:51-55 references/conversion-patterns.md:55-61 references/conversion-patterns.md:61-67 references/conversion-patterns.md:67 references/conversion-patterns.md:67-68 references/conversion-patterns.md:68 references/conversion-patterns.md:68-69 references/conversion-patterns.md:69 references/conversion-patterns.md:69-70 references/conversion-patterns.md:70 references/conversion-patterns.md:70-71 references/conversion-patterns.md:71 references/conversion-patterns.md:71-72 references/conversion-patterns.md:72 references/conversion-patterns.md:72-73 references/conversion-patterns.md:73 references/conversion-patterns.md:73-74 references/conversion-patterns.md:74 references/conversion-patterns.md:74-75 references/conversion-patterns.md:75 references/conversion-patterns.md:75-76 references/conversion-patterns.md:76 references/conversion-patterns.md:76-82 references/conversion-patterns.md:82-94 references/conversion-patterns.md:94-98 references/conversion-patterns.md:98-112 references/conversion-patterns.md:112-116 references/conversion-patterns.md:116-128 references/conversion-patterns.md:128-132 references/conversion-patterns.md:132-143 references/conversion-patterns.md:143-149 references/conversion-patterns.md:149-157 references/conversion-patterns.md:157-161 references/conversion-patterns.md:161-170 references/conversion-patterns.md:170-174 references/conversion-patterns.md:174-196 references/conversion-patterns.md:196-202 references/conversion-patterns.md:202-218 references/conversion-patterns.md:218-222 references/conversion-patterns.md:222-238 references/conversion-patterns.md:238-244 references/conversion-patterns.md:244-253 references/conversion-patterns.md:253-257 references/conversion-patterns.md:257-265 references/conversion-patterns.md:265-266 references/conversion-patterns.md:266-272 references/conversion-patterns.md:272-282 references/conversion-patterns.md:282-286 references/conversion-patterns.md:286-296 references/conversion-patterns.md:296-302 references/conversion-patterns.md:302-319 references/conversion-patterns.md:319-325 references/conversion-patterns.md:325-333 references/conversion-patterns.md:333-337 references/conversion-patterns.md:337-348 references/conversion-patterns.md:348-352 references/conversion-patterns.md:352-361 references/conversion-patterns.md:361-367 references/conversion-patterns.md:367-381 references/conversion-patterns.md:381-385 references/conversion-patterns.md:385-394 SKILL.md:17 SKILL.md:24-33 SKILL.md:33-41 SKILL.md:41-42 SKILL.md:42-43 SKILL.md:43-46 SKILL.md:46-50 SKILL.md:50-56 SKILL.md:56-57 SKILL.md:57 SKILL.md:57-58 SKILL.md:58-59 SKILL.md:59-60 SKILL.md:60-63 SKILL.md:63-64 SKILL.md:64-67 SKILL.md:67-68 SKILL.md:68 SKILL.md:68-77 SKILL.md:77-90 SKILL.md:90-102 SKILL.md:102-119 SKILL.md:119-121 SKILL.md:121-133 SKILL.md:133 SKILL.md:133-147 SKILL.md:147-160 SKILL.md:160-165 SKILL.md:165 SKILL.md:165-174 SKILL.md:174-175 SKILL.md:175-176 SKILL.md:176-177 SKILL.md:177-181 SKILL.md:181-187 SKILL.md:187 SKILL.md:187-188 SKILL.md:188 SKILL.md:188-189 SKILL.md:189 SKILL.md:189-190 SKILL.md:190 SKILL.md:190-197 SKILL.md:197-198 SKILL.md:198-199 SKILL.md:199-204 SKILL.md:204-208 SKILL.md:208-211 SKILL.md:211-231 SKILL.md:231-243 SKILL.md:243-249 templates/component-base.tsx:7-11 templates/component-with-variants.tsx:8-12
🌐 ネットワークアクセス (4)

監査バージョン 4

安全

Jan 16, 2026, 04:58 PM

Pure documentation skill with no executable code. Static findings are false positives caused by the scanner misinterpreting React/TypeScript syntax (className, onClick) as shell commands and cryptographic patterns. No scripts, network calls, or credential access exist in this skill.

6
スキャンされたファイル
1,283
解析済み行数
2
検出結果
claude
監査者
セキュリティ問題は見つかりませんでした

リスク要因

⚙️ 外部コマンド (141)
references/conversion-patterns.md:11 references/conversion-patterns.md:11 references/conversion-patterns.md:12 references/conversion-patterns.md:12 references/conversion-patterns.md:13 references/conversion-patterns.md:13 references/conversion-patterns.md:14 references/conversion-patterns.md:14 references/conversion-patterns.md:15 references/conversion-patterns.md:15 references/conversion-patterns.md:16 references/conversion-patterns.md:16 references/conversion-patterns.md:22 references/conversion-patterns.md:22 references/conversion-patterns.md:23 references/conversion-patterns.md:23 references/conversion-patterns.md:24 references/conversion-patterns.md:24 references/conversion-patterns.md:25 references/conversion-patterns.md:25 references/conversion-patterns.md:26 references/conversion-patterns.md:26 references/conversion-patterns.md:27 references/conversion-patterns.md:27 references/conversion-patterns.md:31-39 references/conversion-patterns.md:39-45 references/conversion-patterns.md:45-51 references/conversion-patterns.md:51-55 references/conversion-patterns.md:55-61 references/conversion-patterns.md:61-67 references/conversion-patterns.md:67 references/conversion-patterns.md:67-68 references/conversion-patterns.md:68 references/conversion-patterns.md:68-69 references/conversion-patterns.md:69 references/conversion-patterns.md:69-70 references/conversion-patterns.md:70 references/conversion-patterns.md:70-71 references/conversion-patterns.md:71 references/conversion-patterns.md:71-72 references/conversion-patterns.md:72 references/conversion-patterns.md:72-73 references/conversion-patterns.md:73 references/conversion-patterns.md:73-74 references/conversion-patterns.md:74 references/conversion-patterns.md:74-75 references/conversion-patterns.md:75 references/conversion-patterns.md:75-76 references/conversion-patterns.md:76 references/conversion-patterns.md:76-82 references/conversion-patterns.md:82-94 references/conversion-patterns.md:94-98 references/conversion-patterns.md:98-112 references/conversion-patterns.md:112-116 references/conversion-patterns.md:116-128 references/conversion-patterns.md:128-132 references/conversion-patterns.md:132-143 references/conversion-patterns.md:143-149 references/conversion-patterns.md:149-157 references/conversion-patterns.md:157-161 references/conversion-patterns.md:161-170 references/conversion-patterns.md:170-174 references/conversion-patterns.md:174-196 references/conversion-patterns.md:196-202 references/conversion-patterns.md:202-218 references/conversion-patterns.md:218-222 references/conversion-patterns.md:222-238 references/conversion-patterns.md:238-244 references/conversion-patterns.md:244-253 references/conversion-patterns.md:253-257 references/conversion-patterns.md:257-265 references/conversion-patterns.md:265-266 references/conversion-patterns.md:266-272 references/conversion-patterns.md:272-282 references/conversion-patterns.md:282-286 references/conversion-patterns.md:286-296 references/conversion-patterns.md:296-302 references/conversion-patterns.md:302-319 references/conversion-patterns.md:319-325 references/conversion-patterns.md:325-333 references/conversion-patterns.md:333-337 references/conversion-patterns.md:337-348 references/conversion-patterns.md:348-352 references/conversion-patterns.md:352-361 references/conversion-patterns.md:361-367 references/conversion-patterns.md:367-381 references/conversion-patterns.md:381-385 references/conversion-patterns.md:385-394 SKILL.md:17 SKILL.md:24-33 SKILL.md:33-41 SKILL.md:41-42 SKILL.md:42-43 SKILL.md:43-46 SKILL.md:46-50 SKILL.md:50-56 SKILL.md:56-57 SKILL.md:57 SKILL.md:57-58 SKILL.md:58-59 SKILL.md:59-60 SKILL.md:60-63 SKILL.md:63-64 SKILL.md:64-67 SKILL.md:67-68 SKILL.md:68 SKILL.md:68-77 SKILL.md:77-90 SKILL.md:90-102 SKILL.md:102-119 SKILL.md:119-121 SKILL.md:121-133 SKILL.md:133 SKILL.md:133-147 SKILL.md:147-160 SKILL.md:160-165 SKILL.md:165 SKILL.md:165-174 SKILL.md:174-175 SKILL.md:175-176 SKILL.md:176-177 SKILL.md:177-181 SKILL.md:181-187 SKILL.md:187 SKILL.md:187-188 SKILL.md:188 SKILL.md:188-189 SKILL.md:189 SKILL.md:189-190 SKILL.md:190 SKILL.md:190-197 SKILL.md:197-198 SKILL.md:198-199 SKILL.md:199-204 SKILL.md:204-208 SKILL.md:208-211 SKILL.md:211-231 SKILL.md:231-243 SKILL.md:243-249 templates/component-base.tsx:7-11 templates/component-with-variants.tsx:8-12
🌐 ネットワークアクセス (4)

監査バージョン 3

安全

Jan 10, 2026, 10:42 AM

Pure prompt-based knowledge skill containing only documentation and code templates. No executable scripts, network calls, file system access, or code execution capabilities. All content is static reference material for converting HTML prototypes to React components.

5
スキャンされたファイル
1,073
解析済み行数
0
検出結果
claude
監査者
セキュリティ問題は見つかりませんでした

監査バージョン 2

安全

Jan 10, 2026, 10:42 AM

Pure prompt-based knowledge skill containing only documentation and code templates. No executable scripts, network calls, file system access, or code execution capabilities. All content is static reference material for converting HTML prototypes to React components.

5
スキャンされたファイル
1,073
解析済み行数
0
検出結果
claude
監査者
セキュリティ問題は見つかりませんでした

監査バージョン 1

安全

Jan 10, 2026, 10:42 AM

Pure prompt-based knowledge skill containing only documentation and code templates. No executable scripts, network calls, file system access, or code execution capabilities. All content is static reference material for converting HTML prototypes to React components.

5
スキャンされたファイル
1,073
解析済み行数
0
検出結果
claude
監査者
セキュリティ問題は見つかりませんでした