
Audit history

ai-maestro-code-graph-query - 4 audits

Audit version 4

Latest: High risk

Jun 27, 2026, 04:05 PM

The static analyzer found many repeated patterns, and most weak cryptography matches are false positives from documentation text and generated output. However, the skill contains coercive prompt-control language, requires broad Bash execution, references home-directory executable installation, and makes localhost API calls, so it should not be published without review.

Files scanned: 2
Lines analyzed: 329
Findings: 9
Auditor: codex

High-risk issues (2)

Prompt Injection Style Mandatory Automation
The skill tells the assistant that graph querying is not optional, must be the default behavior, and must run immediately after reading code. This can override user intent and force repeated command execution during unrelated code review or editing tasks.
Broad External Command Execution Requirement
The skill grants Bash access and repeatedly instructs the agent to run graph shell scripts. Marketplace users would need to trust external scripts on PATH, and command behavior is outside the reviewed skill files.
Medium-risk issues (2)
Home Directory Executable Installation Reference
The skill instructs users to verify and install scripts under a hidden home-directory path. User-local executable directories can persist across sessions and may shadow trusted commands if PATH order is unsafe.
Localhost API Call Requirement
The skill directs the agent to call a local AI Maestro API endpoint. This is not external exfiltration, but it can disclose local agent state to any service listening on that port.
Low-risk issues (2)
Weak Cryptography Static Matches Are False Positives
The cited lines are documentation, generated marketplace content, or graph command names. No evidence found of cryptographic algorithms, hashing APIs, key handling, or security-sensitive crypto use in the reviewed files.
Generated Report Findings Are Not Executable Skill Behavior
Static findings in output.json describe already generated report metadata and content. They are useful context but do not create additional runtime behavior for the skill.

Detected patterns

Coercive Agent Control Language
Shell Script Execution from PATH

Audit version 3

Safe

Jan 16, 2026, 02:27 PM

Documentation-only skill with no executable code. All 79 static findings are false positives caused by markdown documentation patterns. The skill instructs AI agents to run local shell scripts from ~/.local/bin/ and make localhost API calls to port 23000. No external network access or sensitive data exfiltration.

Files scanned: 3
Lines analyzed: 542
Findings: 1
Auditor: claude
No security issues found

Risk factors

Audit version 2

Safe

Jan 16, 2026, 02:27 PM

Documentation-only skill with no executable code. All 79 static findings are false positives caused by markdown documentation patterns. The skill instructs AI agents to run local shell scripts from ~/.local/bin/ and make localhost API calls to port 23000. No external network access or sensitive data exfiltration.

Files scanned: 3
Lines analyzed: 542
Findings: 1
Auditor: claude
No security issues found

Risk factors

Audit version 1

Low risk

Jan 10, 2026, 06:49 AM

Prompt-based skill providing behavioral instructions. Executes local scripts from ~/.local/bin/ and makes localhost API calls to the AI Maestro dashboard. No external network access or sensitive data exfiltration patterns detected.

Files scanned: 1
Lines analyzed: 160
Findings: 2
Auditor: claude
No security issues found

Risk factors

⚙️ External commands (2)
🌐 Network access (1)