📸

監査履歴

qwen-image-pro - 2 監査

監査バージョン 2

高リスクの問題 (1)

Weak Cryptographic Algorithm Warning (False Positive)

Static scanner incorrectly flagged 'weak cryptographic algorithm' at multiple lines. Upon review, these are documentation content (parameter names like 'prompt_extend', URLs, and text descriptions). No cryptographic operations are performed.

中リスクの問題 (1)

SKILL.md:15

External Command Examples (False Positive)

Static scanner flagged 40 locations of 'Ruby/shell backtick execution'. These are documentation examples showing how to use the infsh CLI tool (e.g., 'infsh login', 'infsh app run'). This is legitimate documentation, not actual code execution.

低リスクの問題 (1)

SKILL.md:9

Hardcoded URLs (False Positive)

Static scanner flagged 7 hardcoded URLs. These are legitimate links to inference.sh documentation and example URLs for the image generation service.

リスク要因

⚙️ 外部コマンド (1)

SKILL.md:15

🌐 ネットワークアクセス (1)

SKILL.md:9

監査バージョン 1

安全

Mar 5, 2026, 08:56 AM

All 56 static findings are false positives. The skill file contains only markdown documentation with code examples showing how to use the inference.sh CLI. The detected patterns (shell commands, URLs) appear in fenced code blocks as legitimate documentation examples. No executable code, prompt injection attempts, or malicious intent detected. Safe to publish.

スキャンされたファイル

206

解析された行数

検出結果

claude

監査者

低リスクの問題 (1)

SKILL.md:17-21 SKILL.md:35-39

Documentation Code Blocks Contain Shell Commands

The skill documentation contains shell command examples in fenced code blocks. These are markdown documentation examples showing users how to use the inference.sh CLI tool, not executable code. No security risk.

リスク要因

⚙️ 外部コマンド (9)

SKILL.md:15-21 SKILL.md:35-50 SKILL.md:54-62 SKILL.md:66-71 SKILL.md:75-84 SKILL.md:88-93 SKILL.md:145-152 SKILL.md:156-184 SKILL.md:188-197

🌐 ネットワークアクセス (3)

SKILL.md:9-11 SKILL.md:79-80 SKILL.md:203-206

← スキルに戻る