Habilidades json-validator Histórico de auditoria
📦

Histórico de auditoria

json-validator - 6 auditorias

Versão da auditoria 6

Mais recente Baixo Risco

Jun 28, 2026, 08:15 AM

Static analysis reported external command, weak cryptography, and reconnaissance patterns, but the reviewed locations are Markdown prose or fenced JSON/YAML examples. No executable code, shell command construction, cryptographic implementation, reconnaissance logic, network calls, environment access, or prompt injection text was found. The skill is safe to publish with the static findings dismissed as false positives.

1
Arquivos analisados
255
Linhas analisadas
2
Review items
0
False positives ignored

Confirmed security concerns (2)

Baixo
False Positive: Markdown Examples Misclassified as External Commands
The static analyzer flagged Markdown code fences and example JSON/YAML blocks as Ruby or shell backtick execution. These locations contain documentation examples only; no executable command invocation or command construction is present.
The flagged lines are visible Markdown fences, example output, or structured data examples. The file contains no script body, shell syntax, or instruction to execute user-controlled commands.
Baixo
False Positive: Documentation Text Misclassified as Blocker Patterns
The weak cryptography and system reconnaissance alerts point to frontmatter, prose, and JSON examples. No evidence found of hashing, encryption, operating system reconnaissance, filesystem enumeration, network access, or credential handling.
The flagged lines are ordinary skill description text or examples of invalid JSON comments. Semantic review found no code path that performs cryptographic operations or system discovery.
Auditado por: codex

Versão da auditoria 5

Seguro

Jan 16, 2026, 03:24 PM

This is a pure prompt-based skill with no code execution, file access, or network capabilities. The skill provides only instructions for AI agents to help users validate, format, and fix JSON data. All 41 static findings are false positives caused by keyword-based pattern detection misinterpreting markdown documentation as security threats.

2
Arquivos analisados
429
Linhas analisadas
1
Review items
0
False positives ignored
Auditado por: claude

Versão da auditoria 4

Seguro

Jan 16, 2026, 03:24 PM

This is a pure prompt-based skill with no code execution, file access, or network capabilities. The skill provides only instructions for AI agents to help users validate, format, and fix JSON data. All 41 static findings are false positives caused by keyword-based pattern detection misinterpreting markdown documentation as security threats.

2
Arquivos analisados
429
Linhas analisadas
1
Review items
0
False positives ignored
Auditado por: claude

Versão da auditoria 3

Seguro

Jan 10, 2026, 10:16 AM

This is a pure prompt-based skill with no code execution, file access, or network capabilities. The skill provides only instructions for AI agents to help users validate, format, and fix JSON data.

1
Arquivos analisados
255
Linhas analisadas
0
Review items
0
False positives ignored
Nenhum problema de segurança encontrado
Auditado por: claude

Versão da auditoria 2

Seguro

Jan 10, 2026, 10:16 AM

This is a pure prompt-based skill with no code execution, file access, or network capabilities. The skill provides only instructions for AI agents to help users validate, format, and fix JSON data.

1
Arquivos analisados
255
Linhas analisadas
0
Review items
0
False positives ignored
Nenhum problema de segurança encontrado
Auditado por: claude

Versão da auditoria 1

Seguro

Jan 10, 2026, 10:16 AM

This is a pure prompt-based skill with no code execution, file access, or network capabilities. The skill provides only instructions for AI agents to help users validate, format, and fix JSON data.

1
Arquivos analisados
255
Linhas analisadas
0
Review items
0
False positives ignored
Nenhum problema de segurança encontrado
Auditado por: claude