📦

감사 이력

wp-project-triage - 6 감사

감사 버전 6

최신 낮은 위험

Jun 28, 2026, 11:57 AM

The static analyzer reported network, command execution, credential, and weak crypto patterns, but contextual review found these were false positives. The skill is a read-only WordPress repository detector that uses local filesystem reads and prints a structured report, so the remaining risk is limited to local repository inspection.

3
스캔된 파일
776
분석된 줄 수
6
발견 사항
codex
감사자
낮은 위험 문제 (4)
Read-Only Repository File Scanning
The detector recursively reads repository files and scans wp-config.php for selected WordPress constants. It does not print secrets or send data, but users should expect local repository inspection.
Static Network Findings Dismissed
The hardcoded URLs are JSON Schema identifiers, not outbound requests. No fetch, HTTP client, curl, or wget usage was found in the reviewed files.
Static Command Execution Findings Dismissed
Backtick findings are JavaScript template literals used for regular expressions, recommendation strings, and stdout formatting. No child_process import or shell execution was found.
Static Credential and Crypto Findings Dismissed
The sensitive and weak crypto detections match WordPress API names, Object.keys calls, path checks, and string includes. No certificate handling, key extraction, hashing, or encryption logic was found.

감사 버전 5

낮은 위험

Jan 16, 2026, 06:11 PM

Read-only filesystem scanner for WordPress project detection. No network calls, no command execution, no credential access. Static scanner false positives were caused by misidentified template literals as shell backticks, path.extname() as crypto functions, and standard schema URLs as network security issues.

4
스캔된 파일
994
분석된 줄 수
1
발견 사항
claude
감사자
보안 문제가 발견되지 않았습니다

위험 요인

📁 파일 시스템 접근 (1)

감사 버전 4

낮은 위험

Jan 16, 2026, 06:11 PM

Read-only filesystem scanner for WordPress project detection. No network calls, no command execution, no credential access. Static scanner false positives were caused by misidentified template literals as shell backticks, path.extname() as crypto functions, and standard schema URLs as network security issues.

4
스캔된 파일
994
분석된 줄 수
1
발견 사항
claude
감사자
보안 문제가 발견되지 않았습니다

위험 요인

📁 파일 시스템 접근 (1)

감사 버전 3

낮은 위험

Jan 10, 2026, 10:52 AM

Read-only filesystem scanner for WordPress project detection. No network calls, no command execution, no credential access. The tool safely inspects repository structure to determine project type and available tooling.

3
스캔된 파일
593
분석된 줄 수
1
발견 사항
claude
감사자
보안 문제가 발견되지 않았습니다

위험 요인

📁 파일 시스템 접근 (1)

감사 버전 2

낮은 위험

Jan 10, 2026, 10:52 AM

Read-only filesystem scanner for WordPress project detection. No network calls, no command execution, no credential access. The tool safely inspects repository structure to determine project type and available tooling.

3
스캔된 파일
593
분석된 줄 수
1
발견 사항
claude
감사자
보안 문제가 발견되지 않았습니다

위험 요인

📁 파일 시스템 접근 (1)

감사 버전 1

낮은 위험

Jan 10, 2026, 10:52 AM

Read-only filesystem scanner for WordPress project detection. No network calls, no command execution, no credential access. The tool safely inspects repository structure to determine project type and available tooling.

3
스캔된 파일
593
분석된 줄 수
1
발견 사항
claude
감사자
보안 문제가 발견되지 않았습니다

위험 요인

📁 파일 시스템 접근 (1)