監査履歴 - hypogenic

監査バージョン 6

リスク要因

🌐 ネットワークアクセス (4)

SKILL.md:24 SKILL.md:544 SKILL.md:564 SKILL.md:603-604

⚙️ 外部コマンド (3)

SKILL.md:19-31 SKILL.md:123-125 SKILL.md:233-235

監査バージョン 5

中リスク

Jan 17, 2026, 07:51 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

3

スキャンされたファイル

1,017

解析された行数

3

検出結果

claude

監査者

セキュリティ問題は見つかりませんでした

リスク要因

🔑 環境変数 (2)

references/config_template.yaml:17 references/config_template.yaml:17

🌐 ネットワークアクセス (18)

skill-report.json:6 SKILL.md:24 SKILL.md:135 SKILL.md:138 SKILL.md:290 SKILL.md:316 SKILL.md:544 SKILL.md:556 SKILL.md:564 SKILL.md:565 SKILL.md:577 SKILL.md:585 SKILL.md:595 SKILL.md:603 SKILL.md:604 SKILL.md:606 SKILL.md:614 SKILL.md:617

⚙️ 外部コマンド (80)

SKILL.md:19-31 SKILL.md:31-35 SKILL.md:35-46 SKILL.md:46-123 SKILL.md:123-125 SKILL.md:125-133 SKILL.md:133-139 SKILL.md:139-146 SKILL.md:146-147 SKILL.md:147-148 SKILL.md:148-151 SKILL.md:151 SKILL.md:151-152 SKILL.md:152-155 SKILL.md:155-170 SKILL.md:170-174 SKILL.md:174-175 SKILL.md:175 SKILL.md:175-179 SKILL.md:179-191 SKILL.md:191 SKILL.md:191-196 SKILL.md:196-224 SKILL.md:224-226 SKILL.md:226-233 SKILL.md:233-235 SKILL.md:235-238 SKILL.md:238-241 SKILL.md:241-248 SKILL.md:248-256 SKILL.md:256-258 SKILL.md:258-269 SKILL.md:269-271 SKILL.md:271-286 SKILL.md:286-310 SKILL.md:310-314 SKILL.md:314-329 SKILL.md:329-333 SKILL.md:333-342 SKILL.md:342-346 SKILL.md:346-348 SKILL.md:348-360 SKILL.md:360-362 SKILL.md:362-372 SKILL.md:372-374 SKILL.md:374-376 SKILL.md:376-378 SKILL.md:378-380 SKILL.md:380-390 SKILL.md:390-392 SKILL.md:392-394 SKILL.md:394-406 SKILL.md:406-408 SKILL.md:408-430 SKILL.md:430-436 SKILL.md:436-439 SKILL.md:439-448 SKILL.md:448-449 SKILL.md:449-450 SKILL.md:450-452 SKILL.md:452 SKILL.md:452-460 SKILL.md:460 SKILL.md:460-466 SKILL.md:466-488 SKILL.md:488-493 SKILL.md:493-496 SKILL.md:496-502 SKILL.md:502-508 SKILL.md:508-514 SKILL.md:514-530 SKILL.md:530-548 SKILL.md:548-558 SKILL.md:558-569 SKILL.md:569-579 SKILL.md:579-589 SKILL.md:589-597 SKILL.md:597-612 SKILL.md:612-618 SKILL.md:618-632

検出されたパターン

Generic API/secret keysWeak cryptographic algorithmHardcoded URLC2 keywordsRuby/shell backtick executionSystem reconnaissance[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access

監査バージョン 4

中リスク

Jan 17, 2026, 07:51 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

3

スキャンされたファイル

1,017

解析された行数

3

検出結果

claude

監査者

セキュリティ問題は見つかりませんでした

リスク要因

🔑 環境変数 (2)

references/config_template.yaml:17 references/config_template.yaml:17

🌐 ネットワークアクセス (18)

skill-report.json:6 SKILL.md:24 SKILL.md:135 SKILL.md:138 SKILL.md:290 SKILL.md:316 SKILL.md:544 SKILL.md:556 SKILL.md:564 SKILL.md:565 SKILL.md:577 SKILL.md:585 SKILL.md:595 SKILL.md:603 SKILL.md:604 SKILL.md:606 SKILL.md:614 SKILL.md:617

⚙️ 外部コマンド (80)

SKILL.md:19-31 SKILL.md:31-35 SKILL.md:35-46 SKILL.md:46-123 SKILL.md:123-125 SKILL.md:125-133 SKILL.md:133-139 SKILL.md:139-146 SKILL.md:146-147 SKILL.md:147-148 SKILL.md:148-151 SKILL.md:151 SKILL.md:151-152 SKILL.md:152-155 SKILL.md:155-170 SKILL.md:170-174 SKILL.md:174-175 SKILL.md:175 SKILL.md:175-179 SKILL.md:179-191 SKILL.md:191 SKILL.md:191-196 SKILL.md:196-224 SKILL.md:224-226 SKILL.md:226-233 SKILL.md:233-235 SKILL.md:235-238 SKILL.md:238-241 SKILL.md:241-248 SKILL.md:248-256 SKILL.md:256-258 SKILL.md:258-269 SKILL.md:269-271 SKILL.md:271-286 SKILL.md:286-310 SKILL.md:310-314 SKILL.md:314-329 SKILL.md:329-333 SKILL.md:333-342 SKILL.md:342-346 SKILL.md:346-348 SKILL.md:348-360 SKILL.md:360-362 SKILL.md:362-372 SKILL.md:372-374 SKILL.md:374-376 SKILL.md:376-378 SKILL.md:378-380 SKILL.md:380-390 SKILL.md:390-392 SKILL.md:392-394 SKILL.md:394-406 SKILL.md:406-408 SKILL.md:408-430 SKILL.md:430-436 SKILL.md:436-439 SKILL.md:439-448 SKILL.md:448-449 SKILL.md:449-450 SKILL.md:450-452 SKILL.md:452 SKILL.md:452-460 SKILL.md:460 SKILL.md:460-466 SKILL.md:466-488 SKILL.md:488-493 SKILL.md:493-496 SKILL.md:496-502 SKILL.md:502-508 SKILL.md:508-514 SKILL.md:514-530 SKILL.md:530-548 SKILL.md:548-558 SKILL.md:558-569 SKILL.md:569-579 SKILL.md:579-589 SKILL.md:589-597 SKILL.md:597-612 SKILL.md:612-618 SKILL.md:618-632

検出されたパターン

Generic API/secret keysWeak cryptographic algorithmHardcoded URLC2 keywordsRuby/shell backtick executionSystem reconnaissance[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access

監査バージョン 3

中リスク

Jan 12, 2026, 04:30 PM

The skill contains legitimate research tooling with some security considerations. External command execution is used for academic tools like GROBID PDF processing, not malicious purposes. API key access is standard for LLM integration. The 'C2 keywords' finding appears to be a false positive - the context is academic citations, not command & control infrastructure.

2

スキャンされたファイル

806

解析された行数

5

検出結果

claude

監査者

中リスクの問題 (1)

SKILL.md:233 SKILL.md:243

External command execution for GROBID PDF processing

External commands are used to set up and run GROBID for PDF literature processing. GROBID is a legitimate open-source academic tool for extracting structured information from scientific PDFs. The bash scripts in modules/ directory are used for academic research purposes, not for malicious activities.

低リスクの問題 (1)

SKILL.md:24 SKILL.md:135

Hardcoded URLs to academic resources

The skill references hardcoded URLs pointing to legitimate academic resources including arXiv papers, GitHub repositories for the ChicagoHAI research group, and PyPI package distribution. These URLs are for accessing open-source research tools and datasets essential to the skill's functionality.

リスク要因

🔑 環境変数 (1)

references/config_template.yaml:17

⚙️ 外部コマンド (2)

SKILL.md:233 SKILL.md:243

🌐 ネットワークアクセス (2)

SKILL.md:24 SKILL.md:135

監査バージョン 2

中リスク

Jan 12, 2026, 04:30 PM

The skill contains legitimate research tooling with some security considerations. External command execution is used for academic tools like GROBID PDF processing, not malicious purposes. API key access is standard for LLM integration. The 'C2 keywords' finding appears to be a false positive - the context is academic citations, not command & control infrastructure.

2

スキャンされたファイル

806

解析された行数

5

検出結果

claude

監査者

中リスクの問題 (1)

SKILL.md:233 SKILL.md:243

External command execution for GROBID PDF processing

External commands are used to set up and run GROBID for PDF literature processing. GROBID is a legitimate open-source academic tool for extracting structured information from scientific PDFs. The bash scripts in modules/ directory are used for academic research purposes, not for malicious activities.

低リスクの問題 (1)

SKILL.md:24 SKILL.md:135

Hardcoded URLs to academic resources

The skill references hardcoded URLs pointing to legitimate academic resources including arXiv papers, GitHub repositories for the ChicagoHAI research group, and PyPI package distribution. These URLs are for accessing open-source research tools and datasets essential to the skill's functionality.

リスク要因

🔑 環境変数 (1)

references/config_template.yaml:17

⚙️ 外部コマンド (2)

SKILL.md:233 SKILL.md:243

🌐 ネットワークアクセス (2)

SKILL.md:24 SKILL.md:135

監査バージョン 1

安全

Jan 4, 2026, 04:39 PM

The skill files are pure documentation and configuration templates. No executable code exists in the skill directory. All described functionality (CLI commands, Python API, Redis caching) refers to an external hypogenic package that users install separately. The skill itself only provides guidance, templates, and usage instructions for Claude to help users work with this external package.

5

スキャンされたファイル

1,036

解析された行数

1

検出結果

claude

監査者

セキュリティ問題は見つかりませんでした

リスク要因

🌐 ネットワークアクセス (1)

references/config_template.yaml:15-19