スキル faceless-explainer 監査履歴
📦

監査履歴

faceless-explainer - 2 監査

監査バージョン 2

最新 中リスク

Jun 30, 2026, 02:55 AM

Static analysis reported 1059 issues and a critical heuristic, but review found no prompt injection, credential exfiltration, or malicious intent. Most alerts are markdown backticks, relative documentation paths, color parsing, or RegExp.exec false positives. Confirmed risks are legitimate HyperFrames workflow privileges: local scripts, project filesystem writes, an environment-controlled audio engine override, and generated HTML that loads GSAP from a CDN.

17
スキャンされたファイル
3,233
解析された行数
12
検出結果
codex
監査者
中リスクの問題 (3)
scripts/audio.mjs:23scripts/audio.mjs:71scripts/audio.mjs:85
Local Subprocess Invocation for Audio Pipeline
The audio adapter imports child_process and uses spawnSync to run a Node-based shared media audio engine. This is expected for narration, BGM, and SFX generation, and arguments are passed as an array without shell interpolation. It still creates a local command execution surface when users run the workflow, especially because HF_MEDIA_ENGINE can override the engine path.
scripts/build-frame.mjs:147scripts/build-frame.mjs:260scripts/audio.mjs:155scripts/captions.mjs:165scripts/captions.mjs:178scripts/assemble-index.mjs:348
Project Filesystem Modification by Workflow Scripts
Several scripts write generated project artifacts such as frame.md, caption HTML, caption metadata, audio metadata, and index.html. This is necessary for HyperFrames rendering, but users should run it only in the intended video project directory because the scripts accept project paths from CLI arguments.
scripts/assemble-index.mjs:323scripts/captions.mjs:452
Generated HTML Loads External GSAP CDN Script
The generated index and fallback captions HTML include GSAP from jsDelivr. This is a normal rendering dependency, but it introduces a runtime network and supply-chain dependency unless the environment pins or vendors the asset.
低リスクの問題 (4)
SKILL.md:32SKILL.md:92references/story-design.md:215
Markdown Backtick Command Alerts Are False Positives
Many external command alerts come from markdown code formatting and workflow instructions, not hidden Ruby backtick execution. The cited lines describe commands users may run as part of the HyperFrames workflow.
scripts/lib/storyboard.mjs:107scripts/lib/tokens.mjs:27scripts/transitions.mjs:76
Regex exec Alerts Are False Positives
The script findings labeled as Python exec or process exec are RegExp.exec calls used for parsing headings, colors, and transition HTML. These do not execute code.
SKILL.md:191SKILL.md:192references/story-design.md:5
Path Traversal Alerts Are Documentation Relative Paths
Several path traversal alerts refer to documentation links such as ../hyperframes-core and ../hyperframes-animation. These are intended skill reference paths, not code that reads arbitrary parent directories.
scripts/lib/tokens.mjs:27scripts/lib/tokens.mjs:107references/visual-design.md:58
Weak Cryptography Alerts Are Color and Design Vocabulary
The weak cryptography alerts are caused by terms such as hex colors, chroma, blur, and visual design language. I did not find hashing, encryption, or cryptographic verification code in the reviewed context.

リスク要因

⚙️ 外部コマンド (6)
scripts/audio.mjs:23 scripts/audio.mjs:85 SKILL.md:32 SKILL.md:92 SKILL.md:109 SKILL.md:151
📁 ファイルシステムへのアクセス (9)
scripts/build-frame.mjs:27-28 scripts/build-frame.mjs:147 scripts/build-frame.mjs:260 scripts/audio.mjs:70 scripts/audio.mjs:155 scripts/captions.mjs:165 scripts/captions.mjs:178 scripts/captions.mjs:202 scripts/assemble-index.mjs:348
🔑 環境変数 (1)
scripts/audio.mjs:71
🌐 ネットワークアクセス (2)
scripts/assemble-index.mjs:323 scripts/captions.mjs:452
⚡ スクリプトを含む (5)
scripts/build-frame.mjs:1 scripts/audio.mjs:1 scripts/captions.mjs:1 scripts/transitions.mjs:1 scripts/assemble-index.mjs:1

検出されたパターン

child_process.spawnSync UsageEnvironment-Controlled Engine PathHardcoded External Script URL

監査バージョン 1

中リスク

Jun 27, 2026, 09:04 AM

Static analysis reported 1059 issues and a critical heuristic, but review found no prompt injection, credential exfiltration, or malicious intent. Most alerts are markdown backticks, relative documentation paths, color parsing, or RegExp.exec false positives. Confirmed risks are legitimate HyperFrames workflow privileges: local scripts, project filesystem writes, an environment-controlled audio engine override, and generated HTML that loads GSAP from a CDN.

17
スキャンされたファイル
3,233
解析された行数
12
検出結果
codex
監査者
中リスクの問題 (3)
scripts/audio.mjs:23scripts/audio.mjs:71scripts/audio.mjs:85
Local Subprocess Invocation for Audio Pipeline
The audio adapter imports child_process and uses spawnSync to run a Node-based shared media audio engine. This is expected for narration, BGM, and SFX generation, and arguments are passed as an array without shell interpolation. It still creates a local command execution surface when users run the workflow, especially because HF_MEDIA_ENGINE can override the engine path.
scripts/build-frame.mjs:147scripts/build-frame.mjs:260scripts/audio.mjs:155scripts/captions.mjs:165scripts/captions.mjs:178scripts/assemble-index.mjs:348
Project Filesystem Modification by Workflow Scripts
Several scripts write generated project artifacts such as frame.md, caption HTML, caption metadata, audio metadata, and index.html. This is necessary for HyperFrames rendering, but users should run it only in the intended video project directory because the scripts accept project paths from CLI arguments.
scripts/assemble-index.mjs:323scripts/captions.mjs:452
Generated HTML Loads External GSAP CDN Script
The generated index and fallback captions HTML include GSAP from jsDelivr. This is a normal rendering dependency, but it introduces a runtime network and supply-chain dependency unless the environment pins or vendors the asset.
低リスクの問題 (4)
SKILL.md:32SKILL.md:92references/story-design.md:215
Markdown Backtick Command Alerts Are False Positives
Many external command alerts come from markdown code formatting and workflow instructions, not hidden Ruby backtick execution. The cited lines describe commands users may run as part of the HyperFrames workflow.
scripts/lib/storyboard.mjs:107scripts/lib/tokens.mjs:27scripts/transitions.mjs:76
Regex exec Alerts Are False Positives
The script findings labeled as Python exec or process exec are RegExp.exec calls used for parsing headings, colors, and transition HTML. These do not execute code.
SKILL.md:191SKILL.md:192references/story-design.md:5
Path Traversal Alerts Are Documentation Relative Paths
Several path traversal alerts refer to documentation links such as ../hyperframes-core and ../hyperframes-animation. These are intended skill reference paths, not code that reads arbitrary parent directories.
scripts/lib/tokens.mjs:27scripts/lib/tokens.mjs:107references/visual-design.md:58
Weak Cryptography Alerts Are Color and Design Vocabulary
The weak cryptography alerts are caused by terms such as hex colors, chroma, blur, and visual design language. I did not find hashing, encryption, or cryptographic verification code in the reviewed context.

リスク要因

⚙️ 外部コマンド (6)
scripts/audio.mjs:23 scripts/audio.mjs:85 SKILL.md:32 SKILL.md:92 SKILL.md:109 SKILL.md:151
📁 ファイルシステムへのアクセス (9)
scripts/build-frame.mjs:27-28 scripts/build-frame.mjs:147 scripts/build-frame.mjs:260 scripts/audio.mjs:70 scripts/audio.mjs:155 scripts/captions.mjs:165 scripts/captions.mjs:178 scripts/captions.mjs:202 scripts/assemble-index.mjs:348
🔑 環境変数 (1)
scripts/audio.mjs:71
🌐 ネットワークアクセス (2)
scripts/assemble-index.mjs:323 scripts/captions.mjs:452
⚡ スクリプトを含む (5)
scripts/build-frame.mjs:1 scripts/audio.mjs:1 scripts/captions.mjs:1 scripts/transitions.mjs:1 scripts/assemble-index.mjs:1

検出されたパターン

child_process.spawnSync UsageEnvironment-Controlled Engine PathHardcoded External Script URL
← スキルに戻る