스킬 design-system-starter 감사 이력
📦

감사 이력

design-system-starter - 6 감사들

감사 버전 6

최신 낮은 위험

Jun 28, 2026, 09:47 AM

Static analysis reported many high-risk patterns, but context review found documentation examples, Markdown code fences, relative imports, design token color values, and public reference URLs. No malicious intent, credential access, command execution, data exfiltration, or prompt injection evidence was found. The only notable behavior is a benign example that stores a theme preference in localStorage.

5
스캔된 파일
2,557
분석된 줄 수
5
발견 사항
codex
감사자
낮은 위험 문제 (5)
SKILL.md:25-28references/component-examples.md:7-76checklists/design-system-checklist.md:202templates/component-template.tsx:7-11
False Positive: Markdown Code Fences Flagged as Commands
The external command findings are Markdown fenced code blocks, inline file references, and TypeScript examples. No shell execution primitive, subprocess call, or command construction was found in the reviewed context.
references/component-examples.md:13templates/component-template.tsx:15
False Positive: Relative Imports Flagged as Path Traversal
The filesystem findings are static React import examples using a relative utility path. They do not read user-controlled paths, write files, or traverse the host filesystem at runtime.
references/component-examples.md:478-487
Benign Browser Storage Example
The browser storage finding stores and reads only a light or dark theme preference. No credential, token, personal data, or network transfer is associated with this example.
templates/design-tokens-template.json:2SKILL.md:473
False Positive: Public Documentation URLs Flagged as Network Risk
The network findings are a design token schema URL and a link to a public contrast checker. They are references in data or documentation, not runtime calls that send data externally.
templates/design-tokens-template.json:180templates/design-tokens-template.json:251-274templates/component-template.tsx:128-133SKILL.md:327-344
False Positive: Color Tokens and Keyboard Examples Flagged as Sensitive or Malicious
Weak cryptography, C2 keyword, and key-file findings map to design token names, hex colors, size labels, and keyboard event examples. No cryptographic implementation, certificate material, malware command channel, or secret file content was found.

감사 버전 5

안전

Jan 16, 2026, 04:30 PM

This is a pure documentation skill containing design system guidance, JSON token schemas, TypeScript component templates, and accessibility checklists. The static analyzer generated false positives by misinterpreting markdown code fences as shell backticks, JSON keys as cryptographic algorithms, and documentation patterns as reconnaissance. All findings are dismissed as false positives.

6
스캔된 파일
2,777
분석된 줄 수
3
발견 사항
claude
감사자
보안 문제를 찾지 못했습니다

위험 요인

⚙️ 외부 명령어 (71)
checklists/design-system-checklist.md:202 references/component-examples.md:7-72 references/component-examples.md:72-76 references/component-examples.md:76-122 references/component-examples.md:122-126 references/component-examples.md:126-192 references/component-examples.md:192-196 references/component-examples.md:196-251 references/component-examples.md:251-255 references/component-examples.md:255-356 references/component-examples.md:356-360 references/component-examples.md:360-416 references/component-examples.md:416-420 references/component-examples.md:420-461 references/component-examples.md:461-465 references/component-examples.md:465-493 references/component-examples.md:493-500 references/component-examples.md:500-504 references/component-examples.md:504-578 SKILL.md:25 SKILL.md:26 SKILL.md:27 SKILL.md:28 SKILL.md:75-95 SKILL.md:95-98 SKILL.md:98-128 SKILL.md:128-137 SKILL.md:137-175 SKILL.md:175-181 SKILL.md:181-199 SKILL.md:199-202 SKILL.md:202-216 SKILL.md:216-220 SKILL.md:220-233 SKILL.md:233-237 SKILL.md:237-248 SKILL.md:248-270 SKILL.md:270-279 SKILL.md:279-281 SKILL.md:281-292 SKILL.md:292-301 SKILL.md:301-303 SKILL.md:303-332 SKILL.md:332-340 SKILL.md:340-343 SKILL.md:343-357 SKILL.md:357-360 SKILL.md:360-378 SKILL.md:378-382 SKILL.md:382-385 SKILL.md:385-387 SKILL.md:387-395 SKILL.md:395-428 SKILL.md:428-433 SKILL.md:433-443 SKILL.md:443-446 SKILL.md:446-450 SKILL.md:450-453 SKILL.md:453-460 SKILL.md:460-476 SKILL.md:476-491 SKILL.md:491-495 SKILL.md:495-496 SKILL.md:496-497 SKILL.md:497-498 SKILL.md:498-501 SKILL.md:501 SKILL.md:501 SKILL.md:501-505 SKILL.md:505-523 templates/component-template.tsx:7-11
📁 파일 시스템 액세스 (2)
references/component-examples.md:13 templates/component-template.tsx:15
🌐 네트워크 접근 (2)
SKILL.md:473 templates/design-tokens-template.json:2

감사 버전 4

안전

Jan 16, 2026, 04:30 PM

This is a pure documentation skill containing design system guidance, JSON token schemas, TypeScript component templates, and accessibility checklists. The static analyzer generated false positives by misinterpreting markdown code fences as shell backticks, JSON keys as cryptographic algorithms, and documentation patterns as reconnaissance. All findings are dismissed as false positives.

6
스캔된 파일
2,777
분석된 줄 수
3
발견 사항
claude
감사자
보안 문제를 찾지 못했습니다

위험 요인

⚙️ 외부 명령어 (71)
checklists/design-system-checklist.md:202 references/component-examples.md:7-72 references/component-examples.md:72-76 references/component-examples.md:76-122 references/component-examples.md:122-126 references/component-examples.md:126-192 references/component-examples.md:192-196 references/component-examples.md:196-251 references/component-examples.md:251-255 references/component-examples.md:255-356 references/component-examples.md:356-360 references/component-examples.md:360-416 references/component-examples.md:416-420 references/component-examples.md:420-461 references/component-examples.md:461-465 references/component-examples.md:465-493 references/component-examples.md:493-500 references/component-examples.md:500-504 references/component-examples.md:504-578 SKILL.md:25 SKILL.md:26 SKILL.md:27 SKILL.md:28 SKILL.md:75-95 SKILL.md:95-98 SKILL.md:98-128 SKILL.md:128-137 SKILL.md:137-175 SKILL.md:175-181 SKILL.md:181-199 SKILL.md:199-202 SKILL.md:202-216 SKILL.md:216-220 SKILL.md:220-233 SKILL.md:233-237 SKILL.md:237-248 SKILL.md:248-270 SKILL.md:270-279 SKILL.md:279-281 SKILL.md:281-292 SKILL.md:292-301 SKILL.md:301-303 SKILL.md:303-332 SKILL.md:332-340 SKILL.md:340-343 SKILL.md:343-357 SKILL.md:357-360 SKILL.md:360-378 SKILL.md:378-382 SKILL.md:382-385 SKILL.md:385-387 SKILL.md:387-395 SKILL.md:395-428 SKILL.md:428-433 SKILL.md:433-443 SKILL.md:443-446 SKILL.md:446-450 SKILL.md:450-453 SKILL.md:453-460 SKILL.md:460-476 SKILL.md:476-491 SKILL.md:491-495 SKILL.md:495-496 SKILL.md:496-497 SKILL.md:497-498 SKILL.md:498-501 SKILL.md:501 SKILL.md:501 SKILL.md:501-505 SKILL.md:505-523 templates/component-template.tsx:7-11
📁 파일 시스템 액세스 (2)
references/component-examples.md:13 templates/component-template.tsx:15
🌐 네트워크 접근 (2)
SKILL.md:473 templates/design-tokens-template.json:2

감사 버전 3

안전

Jan 10, 2026, 10:33 AM

This is a pure documentation and template skill with no executable code, network calls, or file system access. It contains only design system guidance, JSON token schemas, TypeScript component templates, and accessibility checklists.

5
스캔된 파일
2,557
분석된 줄 수
0
발견 사항
claude
감사자
보안 문제를 찾지 못했습니다

감사 버전 2

안전

Jan 10, 2026, 10:33 AM

This is a pure documentation and template skill with no executable code, network calls, or file system access. It contains only design system guidance, JSON token schemas, TypeScript component templates, and accessibility checklists.

5
스캔된 파일
2,557
분석된 줄 수
0
발견 사항
claude
감사자
보안 문제를 찾지 못했습니다

감사 버전 1

안전

Jan 10, 2026, 10:33 AM

This is a pure documentation and template skill with no executable code, network calls, or file system access. It contains only design system guidance, JSON token schemas, TypeScript component templates, and accessibility checklists.

5
스캔된 파일
2,557
분석된 줄 수
0
발견 사항
claude
감사자
보안 문제를 찾지 못했습니다
← 스킬로 돌아가기