감사 이력 - systematic-debugging

감사 버전 5

최신 안전

Jan 16, 2026, 09:48 PM

All static findings are FALSE POSITIVES. The 'external_commands' patterns are markdown documentation examples, not executable code. The 'find-polluter.sh' script is a legitimate debugging tool. Environment variable access is for defensive test guards. No malicious patterns confirmed after semantic evaluation.

7

스캔된 파일

1,085

분석된 줄 수

3

발견 사항

claude

감사자

보안 문제를 찾지 못했습니다

위험 요인

⚡ 스크립트 포함 (1)

scripts/find-polluter.sh:1-75

📁 파일 시스템 액세스 (1)

scripts/find-polluter.sh:25-32

⚙️ 외부 명령어 (1)

scripts/find-polluter.sh:53

감사 버전 4

안전

Jan 16, 2026, 09:48 PM

All static findings are FALSE POSITIVES. The 'external_commands' patterns are markdown documentation examples, not executable code. The 'find-polluter.sh' script is a legitimate debugging tool. Environment variable access is for defensive test guards. No malicious patterns confirmed after semantic evaluation.

7

스캔된 파일

1,085

분석된 줄 수

3

발견 사항

claude

감사자

보안 문제를 찾지 못했습니다

위험 요인

⚡ 스크립트 포함 (1)

scripts/find-polluter.sh:1-75

📁 파일 시스템 액세스 (1)

scripts/find-polluter.sh:25-32

⚙️ 외부 명령어 (1)

scripts/find-polluter.sh:53

감사 버전 3

낮은 위험

Jan 10, 2026, 12:40 PM

Skill contains legitimate debugging tools including a shell script for test pollution detection and TypeScript utilities for condition-based waiting. All capabilities align with stated debugging purpose. No malicious patterns detected.

6

스캔된 파일

442

분석된 줄 수

4

발견 사항

claude

감사자

낮은 위험 문제 (1)

scripts/find-polluter.sh:53

Shell script executes npm test commands

The find-polluter.sh script executes 'npm test' commands on user-provided test files. While this is legitimate for its debugging purpose, it could theoretically be misused if an attacker controls the test directory parameter. The script properly validates inputs and this represents minimal risk in normal usage.

위험 요인

⚡ 스크립트 포함 (1)

scripts/find-polluter.sh:1-75

📁 파일 시스템 액세스 (1)

scripts/find-polluter.sh:24-32

⚙️ 외부 명령어 (1)

scripts/find-polluter.sh:53

감사 버전 2

낮은 위험

Jan 10, 2026, 12:40 PM

Skill contains legitimate debugging tools including a shell script for test pollution detection and TypeScript utilities for condition-based waiting. All capabilities align with stated debugging purpose. No malicious patterns detected.

6

스캔된 파일

442

분석된 줄 수

4

발견 사항

claude

감사자

낮은 위험 문제 (1)

scripts/find-polluter.sh:53

Shell script executes npm test commands

The find-polluter.sh script executes 'npm test' commands on user-provided test files. While this is legitimate for its debugging purpose, it could theoretically be misused if an attacker controls the test directory parameter. The script properly validates inputs and this represents minimal risk in normal usage.

위험 요인

⚡ 스크립트 포함 (1)

scripts/find-polluter.sh:1-75

📁 파일 시스템 액세스 (1)

scripts/find-polluter.sh:24-32

⚙️ 외부 명령어 (1)

scripts/find-polluter.sh:53

감사 버전 1

낮은 위험

Jan 10, 2026, 12:40 PM

Skill contains legitimate debugging tools including a shell script for test pollution detection and TypeScript utilities for condition-based waiting. All capabilities align with stated debugging purpose. No malicious patterns detected.

6

스캔된 파일

442

분석된 줄 수

4

발견 사항

claude

감사자

낮은 위험 문제 (1)

scripts/find-polluter.sh:53

Shell script executes npm test commands

The find-polluter.sh script executes 'npm test' commands on user-provided test files. While this is legitimate for its debugging purpose, it could theoretically be misused if an attacker controls the test directory parameter. The script properly validates inputs and this represents minimal risk in normal usage.

위험 요인

⚡ 스크립트 포함 (1)

scripts/find-polluter.sh:1-75

📁 파일 시스템 액세스 (1)

scripts/find-polluter.sh:24-32

⚙️ 외부 명령어 (1)

scripts/find-polluter.sh:53