감사 이력 - building-plugins

감사 버전 5

최신 안전

Jan 16, 2026, 07:53 PM

All 588 static findings evaluated as false positives. The skill is documentation/educational content for building Claude Code plugins. Critical findings involve defensive security validation code (detecting dangerous commands) and security recommendations (avoiding eval). External command references are markdown documentation examples, not executable code.

16

스캔된 파일

3,966

분석된 줄 수

2

발견 사항

claude

감사자

보안 문제를 찾지 못했습니다

위험 요인

⚡ 스크립트 포함 (1)

SKILL.md:722

⚙️ 외부 명령어 (1)

SKILL.md:53-100

감사 버전 4

안전

Jan 16, 2026, 07:53 PM

All 588 static findings evaluated as false positives. The skill is documentation/educational content for building Claude Code plugins. Critical findings involve defensive security validation code (detecting dangerous commands) and security recommendations (avoiding eval). External command references are markdown documentation examples, not executable code.

16

스캔된 파일

3,966

분석된 줄 수

2

발견 사항

claude

감사자

보안 문제를 찾지 못했습니다

위험 요인

⚡ 스크립트 포함 (1)

SKILL.md:722

⚙️ 외부 명령어 (1)

SKILL.md:53-100

감사 버전 3

낮은 위험

Jan 10, 2026, 11:51 AM

This is a meta-skill for plugin creation. It contains validation scripts and template files for scaffolding Claude Code plugins. All scripts perform defensive validation and include security checks. No credential theft, network calls, or persistence mechanisms found.

18

스캔된 파일

3,623

분석된 줄 수

5

발견 사항

claude

감사자

낮은 위험 문제 (2)

templates/standard-plugin-template/scripts/helper.sh:24 templates/standard-plugin-template/scripts/helper.sh:27-42

Bash scripts execute shell commands

Shell scripts in templates execute commands using find and grep utilities. These are standard development tools for file operations and pattern matching. Scripts include defensive checks and do not execute arbitrary user input. Example from helper.sh line 24: `find . -name "$pattern" -type f`

scripts/validate-plugin.py:29-30 scripts/validate-plugin.py:33-36

Python script validates plugin directories

The validation script accesses filesystem to validate plugin structure. This is necessary for its purpose of checking plugin directories and components. Lines 29-30: Directory existence check with `plugin_path.is_dir()` Lines 33-36: plugin.json file existence check

위험 요인

⚡ 스크립트 포함 (3)

scripts/validate-plugin.py:1-344 templates/standard-plugin-template/scripts/helper.sh:1-61 templates/full-plugin-template/hooks/scripts/validate-bash.sh:1-28

📁 파일 시스템 액세스 (2)

scripts/validate-plugin.py:17-47 scripts/validate-plugin.py:117-246

⚙️ 외부 명령어 (1)

scripts/validate-plugin.py:264-294

감사 버전 2

낮은 위험

Jan 10, 2026, 11:51 AM

This is a meta-skill for plugin creation. It contains validation scripts and template files for scaffolding Claude Code plugins. All scripts perform defensive validation and include security checks. No credential theft, network calls, or persistence mechanisms found.

18

스캔된 파일

3,623

분석된 줄 수

5

발견 사항

claude

감사자

낮은 위험 문제 (2)

templates/standard-plugin-template/scripts/helper.sh:24 templates/standard-plugin-template/scripts/helper.sh:27-42

Bash scripts execute shell commands

Shell scripts in templates execute commands using find and grep utilities. These are standard development tools for file operations and pattern matching. Scripts include defensive checks and do not execute arbitrary user input. Example from helper.sh line 24: `find . -name "$pattern" -type f`

scripts/validate-plugin.py:29-30 scripts/validate-plugin.py:33-36

Python script validates plugin directories

The validation script accesses filesystem to validate plugin structure. This is necessary for its purpose of checking plugin directories and components. Lines 29-30: Directory existence check with `plugin_path.is_dir()` Lines 33-36: plugin.json file existence check

위험 요인

⚡ 스크립트 포함 (3)

scripts/validate-plugin.py:1-344 templates/standard-plugin-template/scripts/helper.sh:1-61 templates/full-plugin-template/hooks/scripts/validate-bash.sh:1-28

📁 파일 시스템 액세스 (2)

scripts/validate-plugin.py:17-47 scripts/validate-plugin.py:117-246

⚙️ 외부 명령어 (1)

scripts/validate-plugin.py:264-294

감사 버전 1

낮은 위험

Jan 10, 2026, 11:51 AM

This is a meta-skill for plugin creation. It contains validation scripts and template files for scaffolding Claude Code plugins. All scripts perform defensive validation and include security checks. No credential theft, network calls, or persistence mechanisms found.

18

스캔된 파일

3,623

분석된 줄 수

5

발견 사항

claude

감사자

낮은 위험 문제 (2)

templates/standard-plugin-template/scripts/helper.sh:24 templates/standard-plugin-template/scripts/helper.sh:27-42

Bash scripts execute shell commands

Shell scripts in templates execute commands using find and grep utilities. These are standard development tools for file operations and pattern matching. Scripts include defensive checks and do not execute arbitrary user input. Example from helper.sh line 24: `find . -name "$pattern" -type f`

scripts/validate-plugin.py:29-30 scripts/validate-plugin.py:33-36

Python script validates plugin directories

The validation script accesses filesystem to validate plugin structure. This is necessary for its purpose of checking plugin directories and components. Lines 29-30: Directory existence check with `plugin_path.is_dir()` Lines 33-36: plugin.json file existence check

위험 요인

⚡ 스크립트 포함 (3)

scripts/validate-plugin.py:1-344 templates/standard-plugin-template/scripts/helper.sh:1-61 templates/full-plugin-template/hooks/scripts/validate-bash.sh:1-28

📁 파일 시스템 액세스 (2)

scripts/validate-plugin.py:17-47 scripts/validate-plugin.py:117-246

⚙️ 외부 명령어 (1)

scripts/validate-plugin.py:264-294