감사 이력 - device-management

감사 버전 6

최신 안전

Jan 21, 2026, 05:41 PM

All static findings are false positives. The skill is a legitimate UniFi Network MCP tool for device management. Flagged patterns are: SHA256 content hashes in metadata (mistaken for C2 indicators), Markdown code formatting in documentation (mistaken for shell execution), and environment variable examples for API authentication (standard documentation practice). No actual security risks identified.

2

스캔된 파일

514

분석된 줄 수

7

발견 사항

claude

감사자

높은 위험 문제 (2)

skill-report.json:11 skill-report.json:12 skill-report.json:201-202 skill-report.json:218 skill-report.json:279 skill-report.json:340 skill-report.json:351 skill-report.json:362 skill-report.json:373

SHA256 content hashes flagged as C2/weak crypto

Static scanner incorrectly identified SHA256 content hash strings in JSON metadata as C2 keywords and weak cryptographic algorithms. These are legitimate content hashes for file integrity verification.

SKILL.md:48

API credential examples flagged

Static scanner flagged environment variable references in documentation as credential access risk.

중간 위험 문제 (2)

SKILL.md:33-68

Markdown code formatting flagged as backtick execution

Static scanner identified backticks in SKILL.md as Ruby/shell command execution.

SKILL.md:13

Network management terms flagged as reconnaissance

Static scanner flagged device management terminology as network reconnaissance.

위험 요인

🌐 네트워크 접근 (1)

skill-report.json:6

⚙️ 외부 명령어 (11)

SKILL.md:33 SKILL.md:34 SKILL.md:35 SKILL.md:36 SKILL.md:40 SKILL.md:44 SKILL.md:47-50 SKILL.md:50-55 SKILL.md:55-61 SKILL.md:61-62 SKILL.md:62-68

🔑 환경 변수 (1)

SKILL.md:48

감사 버전 5

중간 위험

Jan 17, 2026, 12:29 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

2

스캔된 파일

276

분석된 줄 수

4

발견 사항

claude

감사자

보안 문제를 찾지 못했습니다

위험 요인

🌐 네트워크 접근 (4)

skill-report.json:6 skill-report.json:125 skill-report.json:126 skill-report.json:127

📁 파일 시스템 액세스 (1)

skill-report.json:6

⚙️ 외부 명령어 (11)

SKILL.md:33 SKILL.md:34 SKILL.md:35 SKILL.md:36 SKILL.md:40 SKILL.md:44 SKILL.md:47-50 SKILL.md:50-55 SKILL.md:55-61 SKILL.md:61-62 SKILL.md:62-68

🔑 환경 변수 (1)

SKILL.md:48

감지된 패턴

Hardcoded URLHardcoded IP addressHidden file accessC2 keywordsWeak cryptographic algorithmRuby/shell backtick executionGeneric API/secret keysNetwork reconnaissance[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

감사 버전 4

중간 위험

Jan 17, 2026, 12:29 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

2

스캔된 파일

276

분석된 줄 수

4

발견 사항

claude

감사자

보안 문제를 찾지 못했습니다

위험 요인

🌐 네트워크 접근 (4)

skill-report.json:6 skill-report.json:125 skill-report.json:126 skill-report.json:127

📁 파일 시스템 액세스 (1)

skill-report.json:6

⚙️ 외부 명령어 (11)

SKILL.md:33 SKILL.md:34 SKILL.md:35 SKILL.md:36 SKILL.md:40 SKILL.md:44 SKILL.md:47-50 SKILL.md:50-55 SKILL.md:55-61 SKILL.md:61-62 SKILL.md:62-68

🔑 환경 변수 (1)

SKILL.md:48

감지된 패턴

Hardcoded URLHardcoded IP addressHidden file accessC2 keywordsWeak cryptographic algorithmRuby/shell backtick executionGeneric API/secret keysNetwork reconnaissance[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

감사 버전 3

안전

Jan 10, 2026, 01:47 PM

This skill is a pure markdown documentation file describing available MCP tools. No executable code, scripts, network calls, or file system access is implemented in this skill. The actual functionality is provided by the UniFi Network MCP server which should be reviewed separately.

1

스캔된 파일

99

분석된 줄 수

0

발견 사항

claude

감사자

보안 문제를 찾지 못했습니다

감사 버전 2

안전

Jan 10, 2026, 01:47 PM

This skill is a pure markdown documentation file describing available MCP tools. No executable code, scripts, network calls, or file system access is implemented in this skill. The actual functionality is provided by the UniFi Network MCP server which should be reviewed separately.

1

스캔된 파일

99

분석된 줄 수

0

발견 사항

claude

감사자

보안 문제를 찾지 못했습니다

감사 버전 1

안전

Jan 10, 2026, 01:47 PM

This skill is a pure markdown documentation file describing available MCP tools. No executable code, scripts, network calls, or file system access is implemented in this skill. The actual functionality is provided by the UniFi Network MCP server which should be reviewed separately.

1

스캔된 파일

99

분석된 줄 수

0

발견 사항

claude

감사자

보안 문제를 찾지 못했습니다