스킬 code-review-standards 감사 이력
📦

감사 이력

code-review-standards - 7 감사

감사 버전 7

최신 낮은 위험

Jun 28, 2026, 01:31 PM

Static analysis found many dangerous tokens, but review confirmed they appear in Markdown checklists, links, and illustrative TypeScript snippets. No executable scripts, package hooks, network calls, credential collection, or prompt injection attempts were found in the reviewed skill files.

4
스캔된 파일
1,141
분석된 줄 수
8
발견 사항
codex
감사자
낮은 위험 문제 (3)
security-checklist.md:9-44maintainability-rules.md:8-303performance-criteria.md:8-243SKILL.md:190-416
Dangerous tokens appear in documentation examples
The analyzer matched exec, eval, Function, hashing, and shell-like tokens, but the reviewed locations are Markdown checklist items or fenced code examples that teach reviewers what to avoid. They are not executable skill code and do not create a direct runtime security risk.
SKILL.md:64-100SKILL.md:426-427security-checklist.md:119-120
Relative references point outside the skill folder
Several Markdown links reference sibling skills or related documentation through parent-directory paths. This is an integration pattern, not path traversal code, but users should know the skill may ask the agent to read adjacent review guidance if available.
security-checklist.md:121maintainability-rules.md:331-332performance-criteria.md:254-255
External URLs are reference links only
Hardcoded URLs point to public documentation such as OWASP, Clean Code, Refactoring, Next.js, and React references. No evidence found that the skill performs network requests or sends data to external services.

위험 요인

⚙️ 외부 명령어 (109)
maintainability-rules.md:8-47 maintainability-rules.md:47-59 maintainability-rules.md:59-69 maintainability-rules.md:69-72 maintainability-rules.md:72-82 maintainability-rules.md:82-85 maintainability-rules.md:85-94 maintainability-rules.md:94-101 maintainability-rules.md:101-121 maintainability-rules.md:121-128 maintainability-rules.md:128-135 maintainability-rules.md:135-137 maintainability-rules.md:137-140 maintainability-rules.md:140-153 maintainability-rules.md:153-155 maintainability-rules.md:155-162 maintainability-rules.md:162-190 maintainability-rules.md:190-197 maintainability-rules.md:197-215 maintainability-rules.md:215-222 maintainability-rules.md:222-238 maintainability-rules.md:238-250 maintainability-rules.md:250-270 maintainability-rules.md:270-277 maintainability-rules.md:277-283 maintainability-rules.md:283-289 maintainability-rules.md:289-292 maintainability-rules.md:292-301 maintainability-rules.md:301-303 maintainability-rules.md:303-306 performance-criteria.md:8-23 performance-criteria.md:23-26 performance-criteria.md:26-31 performance-criteria.md:31-34 performance-criteria.md:34-42 performance-criteria.md:42-49 performance-criteria.md:49-61 performance-criteria.md:61-64 performance-criteria.md:64-78 performance-criteria.md:78-85 performance-criteria.md:85-98 performance-criteria.md:98-101 performance-criteria.md:101-118 performance-criteria.md:118-121 performance-criteria.md:121-137 performance-criteria.md:137-144 performance-criteria.md:144-157 performance-criteria.md:157-160 performance-criteria.md:160-166 performance-criteria.md:166-173 performance-criteria.md:173-183 performance-criteria.md:183-190 performance-criteria.md:190-202 performance-criteria.md:202-229 performance-criteria.md:229-232 performance-criteria.md:232-241 performance-criteria.md:241-243 performance-criteria.md:243-248 security-checklist.md:9 security-checklist.md:9 security-checklist.md:36 security-checklist.md:44 security-checklist.md:44 security-checklist.md:48 security-checklist.md:62-68 security-checklist.md:68-71 security-checklist.md:71-78 security-checklist.md:78-81 security-checklist.md:81-87 security-checklist.md:87-93 security-checklist.md:93-98 security-checklist.md:98-108 security-checklist.md:108-110 security-checklist.md:110-113 SKILL.md:88 SKILL.md:89 SKILL.md:90 SKILL.md:190-200 SKILL.md:200-215 SKILL.md:215-231 SKILL.md:231-234 SKILL.md:234-241 SKILL.md:241-243 SKILL.md:243-246 SKILL.md:246-250 SKILL.md:250-253 SKILL.md:253-258 SKILL.md:258-264 SKILL.md:264-267 SKILL.md:267-271 SKILL.md:271-274 SKILL.md:274-281 SKILL.md:281-287 SKILL.md:287-288 SKILL.md:288-297 SKILL.md:297-310 SKILL.md:310-313 SKILL.md:313-330 SKILL.md:330-333 SKILL.md:333-340 SKILL.md:340-367 SKILL.md:367-376 SKILL.md:376-380 SKILL.md:380-384 SKILL.md:384-389 SKILL.md:389-392 SKILL.md:392-399 SKILL.md:399-404 SKILL.md:404-416
🌐 네트워크 접근 (5)
maintainability-rules.md:331 maintainability-rules.md:332 performance-criteria.md:254 performance-criteria.md:255 security-checklist.md:121
📁 파일 시스템 접근 (14)
maintainability-rules.md:333 maintainability-rules.md:333 performance-criteria.md:256 security-checklist.md:3 security-checklist.md:119 security-checklist.md:120 security-checklist.md:120 SKILL.md:64 SKILL.md:81 SKILL.md:86 SKILL.md:100 SKILL.md:141 SKILL.md:426 SKILL.md:427
⚡ 스크립트 포함 (3)
security-checklist.md:44 security-checklist.md:44 security-checklist.md:9
🔑 환경 변수 (2)
SKILL.md:382 SKILL.md:382

감사 버전 6

안전

Jan 21, 2026, 02:54 PM

All 177 static findings are false positives. The skill consists of markdown documentation files containing code examples for educational purposes. The flagged patterns (external_commands, network, filesystem, scripts, env_access) appear only in documentation examples demonstrating what to look for during code reviews, not as executable code. This is a documentation skill with no security risks.

5
스캔된 파일
2,835
분석된 줄 수
0
발견 사항
claude
감사자
보안 문제가 발견되지 않았습니다

감사 버전 5

중간 위험

Jan 16, 2026, 06:39 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

5
스캔된 파일
1,336
분석된 줄 수
5
발견 사항
claude
감사자
보안 문제가 발견되지 않았습니다

위험 요인

⚙️ 외부 명령어 (109)
maintainability-rules.md:8-47 maintainability-rules.md:47-59 maintainability-rules.md:59-69 maintainability-rules.md:69-72 maintainability-rules.md:72-82 maintainability-rules.md:82-85 maintainability-rules.md:85-94 maintainability-rules.md:94-101 maintainability-rules.md:101-121 maintainability-rules.md:121-128 maintainability-rules.md:128-135 maintainability-rules.md:135-137 maintainability-rules.md:137-140 maintainability-rules.md:140-153 maintainability-rules.md:153-155 maintainability-rules.md:155-162 maintainability-rules.md:162-190 maintainability-rules.md:190-197 maintainability-rules.md:197-215 maintainability-rules.md:215-222 maintainability-rules.md:222-238 maintainability-rules.md:238-250 maintainability-rules.md:250-270 maintainability-rules.md:270-277 maintainability-rules.md:277-283 maintainability-rules.md:283-289 maintainability-rules.md:289-292 maintainability-rules.md:292-301 maintainability-rules.md:301-303 maintainability-rules.md:303-306 performance-criteria.md:8-23 performance-criteria.md:23-26 performance-criteria.md:26-31 performance-criteria.md:31-34 performance-criteria.md:34-42 performance-criteria.md:42-49 performance-criteria.md:49-61 performance-criteria.md:61-64 performance-criteria.md:64-78 performance-criteria.md:78-85 performance-criteria.md:85-98 performance-criteria.md:98-101 performance-criteria.md:101-118 performance-criteria.md:118-121 performance-criteria.md:121-137 performance-criteria.md:137-144 performance-criteria.md:144-157 performance-criteria.md:157-160 performance-criteria.md:160-166 performance-criteria.md:166-173 performance-criteria.md:173-183 performance-criteria.md:183-190 performance-criteria.md:190-202 performance-criteria.md:202-229 performance-criteria.md:229-232 performance-criteria.md:232-241 performance-criteria.md:241-243 performance-criteria.md:243-248 security-checklist.md:9 security-checklist.md:9 security-checklist.md:36 security-checklist.md:44 security-checklist.md:44 security-checklist.md:48 security-checklist.md:62-68 security-checklist.md:68-71 security-checklist.md:71-78 security-checklist.md:78-81 security-checklist.md:81-87 security-checklist.md:87-93 security-checklist.md:93-98 security-checklist.md:98-108 security-checklist.md:108-110 security-checklist.md:110-113 SKILL.md:88 SKILL.md:89 SKILL.md:90 SKILL.md:190-200 SKILL.md:200-215 SKILL.md:215-231 SKILL.md:231-234 SKILL.md:234-241 SKILL.md:241-243 SKILL.md:243-246 SKILL.md:246-250 SKILL.md:250-253 SKILL.md:253-258 SKILL.md:258-264 SKILL.md:264-267 SKILL.md:267-271 SKILL.md:271-274 SKILL.md:274-281 SKILL.md:281-287 SKILL.md:287-288 SKILL.md:288-297 SKILL.md:297-310 SKILL.md:310-313 SKILL.md:313-330 SKILL.md:330-333 SKILL.md:333-340 SKILL.md:340-367 SKILL.md:367-376 SKILL.md:376-380 SKILL.md:380-384 SKILL.md:384-389 SKILL.md:389-392 SKILL.md:392-399 SKILL.md:399-404 SKILL.md:404-416
🌐 네트워크 접근 (5)
maintainability-rules.md:331 maintainability-rules.md:332 performance-criteria.md:254 performance-criteria.md:255 security-checklist.md:121
📁 파일 시스템 접근 (14)
maintainability-rules.md:333 maintainability-rules.md:333 performance-criteria.md:256 security-checklist.md:3 security-checklist.md:119 security-checklist.md:120 security-checklist.md:120 SKILL.md:64 SKILL.md:81 SKILL.md:86 SKILL.md:100 SKILL.md:141 SKILL.md:426 SKILL.md:427
⚡ 스크립트 포함 (3)
security-checklist.md:44 security-checklist.md:44 security-checklist.md:9
🔑 환경 변수 (2)
SKILL.md:382 SKILL.md:382

감지된 패턴

Ruby/shell backtick executionHardcoded URLPath traversal sequenceWeak cryptographic algorithmSystem reconnaissanceDynamic code evaluation with eval()Dynamic function constructorPython exec() functionProcess execBrowser credential filesEnvironment variable access (dot notation)Environment variable objectEnvironment file access[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

감사 버전 4

중간 위험

Jan 16, 2026, 06:39 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

5
스캔된 파일
1,336
분석된 줄 수
5
발견 사항
claude
감사자
보안 문제가 발견되지 않았습니다

위험 요인

⚙️ 외부 명령어 (109)
maintainability-rules.md:8-47 maintainability-rules.md:47-59 maintainability-rules.md:59-69 maintainability-rules.md:69-72 maintainability-rules.md:72-82 maintainability-rules.md:82-85 maintainability-rules.md:85-94 maintainability-rules.md:94-101 maintainability-rules.md:101-121 maintainability-rules.md:121-128 maintainability-rules.md:128-135 maintainability-rules.md:135-137 maintainability-rules.md:137-140 maintainability-rules.md:140-153 maintainability-rules.md:153-155 maintainability-rules.md:155-162 maintainability-rules.md:162-190 maintainability-rules.md:190-197 maintainability-rules.md:197-215 maintainability-rules.md:215-222 maintainability-rules.md:222-238 maintainability-rules.md:238-250 maintainability-rules.md:250-270 maintainability-rules.md:270-277 maintainability-rules.md:277-283 maintainability-rules.md:283-289 maintainability-rules.md:289-292 maintainability-rules.md:292-301 maintainability-rules.md:301-303 maintainability-rules.md:303-306 performance-criteria.md:8-23 performance-criteria.md:23-26 performance-criteria.md:26-31 performance-criteria.md:31-34 performance-criteria.md:34-42 performance-criteria.md:42-49 performance-criteria.md:49-61 performance-criteria.md:61-64 performance-criteria.md:64-78 performance-criteria.md:78-85 performance-criteria.md:85-98 performance-criteria.md:98-101 performance-criteria.md:101-118 performance-criteria.md:118-121 performance-criteria.md:121-137 performance-criteria.md:137-144 performance-criteria.md:144-157 performance-criteria.md:157-160 performance-criteria.md:160-166 performance-criteria.md:166-173 performance-criteria.md:173-183 performance-criteria.md:183-190 performance-criteria.md:190-202 performance-criteria.md:202-229 performance-criteria.md:229-232 performance-criteria.md:232-241 performance-criteria.md:241-243 performance-criteria.md:243-248 security-checklist.md:9 security-checklist.md:9 security-checklist.md:36 security-checklist.md:44 security-checklist.md:44 security-checklist.md:48 security-checklist.md:62-68 security-checklist.md:68-71 security-checklist.md:71-78 security-checklist.md:78-81 security-checklist.md:81-87 security-checklist.md:87-93 security-checklist.md:93-98 security-checklist.md:98-108 security-checklist.md:108-110 security-checklist.md:110-113 SKILL.md:88 SKILL.md:89 SKILL.md:90 SKILL.md:190-200 SKILL.md:200-215 SKILL.md:215-231 SKILL.md:231-234 SKILL.md:234-241 SKILL.md:241-243 SKILL.md:243-246 SKILL.md:246-250 SKILL.md:250-253 SKILL.md:253-258 SKILL.md:258-264 SKILL.md:264-267 SKILL.md:267-271 SKILL.md:271-274 SKILL.md:274-281 SKILL.md:281-287 SKILL.md:287-288 SKILL.md:288-297 SKILL.md:297-310 SKILL.md:310-313 SKILL.md:313-330 SKILL.md:330-333 SKILL.md:333-340 SKILL.md:340-367 SKILL.md:367-376 SKILL.md:376-380 SKILL.md:380-384 SKILL.md:384-389 SKILL.md:389-392 SKILL.md:392-399 SKILL.md:399-404 SKILL.md:404-416
🌐 네트워크 접근 (5)
maintainability-rules.md:331 maintainability-rules.md:332 performance-criteria.md:254 performance-criteria.md:255 security-checklist.md:121
📁 파일 시스템 접근 (14)
maintainability-rules.md:333 maintainability-rules.md:333 performance-criteria.md:256 security-checklist.md:3 security-checklist.md:119 security-checklist.md:120 security-checklist.md:120 SKILL.md:64 SKILL.md:81 SKILL.md:86 SKILL.md:100 SKILL.md:141 SKILL.md:426 SKILL.md:427
⚡ 스크립트 포함 (3)
security-checklist.md:44 security-checklist.md:44 security-checklist.md:9
🔑 환경 변수 (2)
SKILL.md:382 SKILL.md:382

감지된 패턴

Ruby/shell backtick executionHardcoded URLPath traversal sequenceWeak cryptographic algorithmSystem reconnaissanceDynamic code evaluation with eval()Dynamic function constructorPython exec() functionProcess execBrowser credential filesEnvironment variable access (dot notation)Environment variable objectEnvironment file access[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

감사 버전 3

안전

Jan 10, 2026, 10:59 AM

Pure documentation skill containing only markdown files with review checklists and templates. No executable code, no file access, no network calls, no code execution paths. Benign documentation for code review standards.

4
스캔된 파일
1,141
분석된 줄 수
0
발견 사항
claude
감사자
보안 문제가 발견되지 않았습니다

감사 버전 2

안전

Jan 10, 2026, 10:59 AM

Pure documentation skill containing only markdown files with review checklists and templates. No executable code, no file access, no network calls, no code execution paths. Benign documentation for code review standards.

4
스캔된 파일
1,141
분석된 줄 수
0
발견 사항
claude
감사자
보안 문제가 발견되지 않았습니다

감사 버전 1

안전

Jan 10, 2026, 10:59 AM

Pure documentation skill containing only markdown files with review checklists and templates. No executable code, no file access, no network calls, no code execution paths. Benign documentation for code review standards.

4
스캔된 파일
1,141
분석된 줄 수
0
발견 사항
claude
감사자
보안 문제가 발견되지 않았습니다
← 스킬로 돌아가기