Audit history

hypogenic - 6 audits

Audit version 6

Latest, low risk

Jan 21, 2026, 05:27 PM

This scientific hypothesis generation skill was scanned with 126 potential issues detected. After evaluation, all findings are false positives: environment variable references for API keys follow security best practices; hardcoded URLs are legitimate documentation links; shell command examples are user setup instructions; no actual cryptographic code or command-and-control patterns exist. The skill makes normal LLM API calls for hypothesis generation, which is expected functionality.

Files scanned: 3
Lines analyzed: 2,075
Findings: 2
Auditor: claude
No security issues found

Audit version 5

Medium risk

Jan 17, 2026, 07:51 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

Files scanned: 3
Lines analyzed: 1,017
Findings: 3
Auditor: claude
No security issues found

Risk factors

🔑 Environment variables (2)
🌐 Network access (18)
⚙️ External commands (80)

Detected patterns

Generic API/secret keys
Weak cryptographic algorithm
Hardcoded URL
C2 keywords
Ruby/shell backtick execution
System reconnaissance
[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access

Audit version 4

Medium risk

Jan 17, 2026, 07:51 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

Files scanned: 3
Lines analyzed: 1,017
Findings: 3
Auditor: claude
No security issues found

Risk factors

🔑 Environment variables (2)
🌐 Network access (18)
⚙️ External commands (80)

Detected patterns

Generic API/secret keys
Weak cryptographic algorithm
Hardcoded URL
C2 keywords
Ruby/shell backtick execution
System reconnaissance
[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access

Audit version 3

Medium risk

Jan 12, 2026, 04:30 PM

The skill contains legitimate research tooling with some security considerations. External command execution is used for academic tools like GROBID PDF processing, not malicious purposes. API key access is standard for LLM integration. The 'C2 keywords' finding appears to be a false positive - the context is academic citations, not command & control infrastructure.

Files scanned: 2
Lines analyzed: 806
Findings: 5
Auditor: claude
Medium-risk issues (1)
External command execution for GROBID PDF processing
External commands are used to set up and run GROBID for PDF literature processing. GROBID is a legitimate open-source academic tool for extracting structured information from scientific PDFs. The bash scripts in modules/ directory are used for academic research purposes, not for malicious activities.
Low-risk issues (1)
Hardcoded URLs to academic resources
The skill references hardcoded URLs pointing to legitimate academic resources including arXiv papers, GitHub repositories for the ChicagoHAI research group, and PyPI package distribution. These URLs are for accessing open-source research tools and datasets essential to the skill's functionality.

Risk factors

🔑 Environment variables (1)
⚙️ External commands (2)
🌐 Network access (2)

Audit version 2

Medium risk

Jan 12, 2026, 04:30 PM

The skill contains legitimate research tooling with some security considerations. External command execution is used for academic tools like GROBID PDF processing, not malicious purposes. API key access is standard for LLM integration. The 'C2 keywords' finding appears to be a false positive - the context is academic citations, not command & control infrastructure.

Files scanned: 2
Lines analyzed: 806
Findings: 5
Auditor: claude
Medium-risk issues (1)
External command execution for GROBID PDF processing
External commands are used to set up and run GROBID for PDF literature processing. GROBID is a legitimate open-source academic tool for extracting structured information from scientific PDFs. The bash scripts in modules/ directory are used for academic research purposes, not for malicious activities.
Low-risk issues (1)
Hardcoded URLs to academic resources
The skill references hardcoded URLs pointing to legitimate academic resources including arXiv papers, GitHub repositories for the ChicagoHAI research group, and PyPI package distribution. These URLs are for accessing open-source research tools and datasets essential to the skill's functionality.

Risk factors

🔑 Environment variables (1)
⚙️ External commands (2)
🌐 Network access (2)

Audit version 1

Safe

Jan 4, 2026, 04:39 PM

The skill files are pure documentation and configuration templates. No executable code exists in the skill directory. All described functionality (CLI commands, Python API, Redis caching) refers to an external hypogenic package that users install separately. The skill itself only provides guidance, templates, and usage instructions for Claude to help users work with this external package.

Files scanned: 5
Lines analyzed: 1,036
Findings: 1
Auditor: claude
No security issues found

Risk factors

🌐 Network access (1)