
Audit history

quetrex-development-workflow - 7 audits

Audit version 7

Latest, medium risk

Jun 28, 2026, 12:52 PM

Static analysis found many command-like strings, but review shows they are GitHub CLI and git workflow examples for a Quetrex development process. The Windows SAM and weak cryptography alerts are false positives from ordinary project text and filenames. The skill is publishable with a warning because it instructs users to run external commands that can modify GitHub state.

Files scanned: 1
Lines analyzed: 408
Findings: 3
Auditor: codex
Medium-risk issues (1)
External GitHub Workflow Commands
The skill provides commands such as GitHub issue creation, workflow execution, PR inspection, PR merge, and log download. These commands are legitimate for the stated workflow, but they can alter repository state or retrieve CI artifacts when run with an authenticated GitHub CLI session.
Low-risk issues (1)
High-Severity Static Matches Are False Positives
The weak cryptography and Windows SAM static alerts do not correspond to cryptographic operations or Windows credential access. The reviewed lines contain a skill description, issue example text, TDD workflow text, and a project memory filename.

Detected patterns

State-Changing CLI Examples

Audit version 6

Low risk

Jan 21, 2026, 02:56 PM

Documentation-only skill with no executable code. Static findings are false positives triggered by bash command examples in markdown documentation. No actual command execution, credential access, or cryptographic operations present. All critical and high-severity findings dismissed after evaluation.

Files scanned: 2
Lines analyzed: 1,227
Findings: 5
Auditor: claude

Critical issues (2)

Windows SAM database access
Pattern 'SAM' detected in filenames and text. Static analyzer misidentified 'ARCHITECTURE-INTELLIGENCE-SYSTEM.md' as Windows SAM database. No actual SAM database access exists.
Dangerous combination: Code execution + Network + Credential access
Heuristic detected combination of command documentation, network references, and credential mentions.

High-risk issues (1)

Weak cryptographic algorithm usage
Pattern detected suggesting weak cryptographic algorithms.
Medium-risk issues (1)
Shell command examples in documentation
Bash command examples with backtick-style patterns found in SKILL.md documentation.

Audit version 3

Safe

Jan 10, 2026, 11:07 AM

Pure documentation skill containing only markdown content. No executable code, scripts, network operations, or filesystem access beyond its own file. This is a safe reference guide for project workflow.

Files scanned: 1
Lines analyzed: 403
Findings: 0
Auditor: claude
No security issues found

Audit version 2

Safe

Jan 10, 2026, 11:07 AM

Pure documentation skill containing only markdown content. No executable code, scripts, network operations, or filesystem access beyond its own file. This is a safe reference guide for project workflow.

Files scanned: 1
Lines analyzed: 403
Findings: 0
Auditor: claude
No security issues found

Audit version 1

Safe

Jan 10, 2026, 11:07 AM

Pure documentation skill containing only markdown content. No executable code, scripts, network operations, or filesystem access beyond its own file. This is a safe reference guide for project workflow.

Files scanned: 1
Lines analyzed: 403
Findings: 0
Auditor: claude
No security issues found