Habilidades grasshopper-workflow Histórico de Auditoria
📦

Histórico de Auditoria

grasshopper-workflow - 6 auditorias

Versão da auditoria 6

Mais recente Risco Médio

Jun 28, 2026, 09:12 AM

AI review did not confirm the static scanner high-risk malware indicators. Most external command, weak crypto, C2, reconnaissance, and entropy hits are false positives caused by Markdown examples, Grasshopper command names, and UUID-like component GUIDs. The remaining risk is medium because the skill includes Python scripts that read and write local files and send user-provided modeling commands to a local Grasshopper MCP socket.

16
Arquivos analisados
4,253
Linhas analisadas
9
achados
codex
Auditado por
Problemas de Risco Médio (3)
scripts/client.py:16-21scripts/client.py:49-56scripts/component_manager.py:35-43scripts/connection_manager.py:74-79
Local Grasshopper Command Channel
The client opens a TCP socket to the configured Grasshopper MCP server and sends serialized command objects. This is expected for the skill, but untrusted placement data can create, connect, delete, or modify Grasshopper document components through that local service.
scripts/cli.py:101-107scripts/cli.py:119-125scripts/cli.py:134-136scripts/cli.py:308-312scripts/parser_utils.py:469-479scripts/utils.py:158-161
User-Controlled Local File Writes
Several CLI commands write JSON output to paths provided by the user, and utility functions update placement or component map files. This can overwrite local files if a user supplies an unsafe path.
scripts/cli.py:12-16scripts/cli.py:51-58
Dynamic Local Import Fallback
The CLI modifies sys.path and can load a local __init__.py with importlib when normal imports fail. This supports direct script execution, but it can execute code from the local skill directory if that directory is modified.
Problemas de Baixo Risco (3)
SKILL.md:47-71references/cli_usage.md:9-28references/tool_guide.md:22-45
Static External Command Findings Dismissed
The reported Ruby or shell backtick detections are Markdown inline code, fenced examples, and CLI documentation. No subprocess, os.system, shell popen, or equivalent command execution was found in the executable scripts reviewed.
SKILL.md:3scripts/parser_utils.py:25-45scripts/utils.py:169-195
Weak Cryptography Findings Dismissed
The weak cryptography detections are UUID-like Grasshopper component GUIDs and GUID mapping values, not cryptographic functions or hashing algorithms.
references/workflow_steps.md:266-276scripts/connection_manager.py:74-79scripts/component_manager.py:151-174
C2 and Reconnaissance Findings Dismissed
The C2 keyword matches come from Grasshopper command names such as connect_components, and reconnaissance matches come from component queries and document error checks. No evidence found of system inventory, persistence, or command-and-control behavior.

Fatores de risco

⚡ Contém scripts (3)
scripts/cli.py:20-31 scripts/cli.py:51-58 scripts/placement_executor.py:56-75
🌐 Acesso à rede (2)
scripts/client.py:16-21 scripts/client.py:49-56
📁 Acesso ao sistema de arquivos (7)
scripts/cli.py:101-107 scripts/cli.py:119-125 scripts/cli.py:134-136 scripts/parser_utils.py:469-479 scripts/utils.py:20-28 scripts/utils.py:43-49 scripts/utils.py:158-161

Padrões Detectados

Socket-Based Command DispatchLocal JSON File MutationImport Path Expansion

Versão da auditoria 5

Seguro

Jan 16, 2026, 03:35 PM

Legitimate Grasshopper workflow automation tool. All 527 static findings are false positives: C2 keywords are UUIDs in GUID mappings, external_commands are Ruby code examples in documentation, and weak crypto patterns are references in documentation. The tool communicates via TCP with local MCP server on port 8080, reads/writes JSON and MMD files within project directories only, and has no external network calls or data exfiltration.

17
Arquivos analisados
4,570
Linhas analisadas
3
achados
claude
Auditado por
Nenhum problema de segurança encontrado

Fatores de risco

📁 Acesso ao sistema de arquivos (3)
scripts/utils.py:22-23 scripts/utils.py:44-45 scripts/parser_utils.py:83
🌐 Acesso à rede (1)
scripts/client.py:49-50
⚡ Contém scripts (2)
scripts/cli.py:1-442 scripts/client.py:1-119

Versão da auditoria 4

Seguro

Jan 16, 2026, 03:35 PM

Legitimate Grasshopper workflow automation tool. All 527 static findings are false positives: C2 keywords are UUIDs in GUID mappings, external_commands are Ruby code examples in documentation, and weak crypto patterns are references in documentation. The tool communicates via TCP with local MCP server on port 8080, reads/writes JSON and MMD files within project directories only, and has no external network calls or data exfiltration.

17
Arquivos analisados
4,570
Linhas analisadas
3
achados
claude
Auditado por
Nenhum problema de segurança encontrado

Fatores de risco

📁 Acesso ao sistema de arquivos (3)
scripts/utils.py:22-23 scripts/utils.py:44-45 scripts/parser_utils.py:83
🌐 Acesso à rede (1)
scripts/client.py:49-50
⚡ Contém scripts (2)
scripts/cli.py:1-442 scripts/client.py:1-119

Versão da auditoria 3

Baixo Risco

Jan 10, 2026, 10:16 AM

Legitimate Grasshopper MCP workflow automation tool. Uses TCP sockets to communicate with local Grasshopper MCP server on port 8080. File system access is limited to JSON/MMD file reading and writing within project directories. No dangerous code execution patterns, no external network calls, no credential theft or data exfiltration. All capabilities are necessary for the stated parametric modeling purpose.

14
Arquivos analisados
3,449
Linhas analisadas
3
achados
claude
Auditado por
Nenhum problema de segurança encontrado

Fatores de risco

🌐 Acesso à rede (1)
scripts/client.py:49-50
📁 Acesso ao sistema de arquivos (2)
scripts/parser_utils.py:83 scripts/utils.py:25-28
⚡ Contém scripts (2)
scripts/cli.py:1-442 scripts/client.py:1-119

Versão da auditoria 2

Baixo Risco

Jan 10, 2026, 10:16 AM

Legitimate Grasshopper MCP workflow automation tool. Uses TCP sockets to communicate with local Grasshopper MCP server on port 8080. File system access is limited to JSON/MMD file reading and writing within project directories. No dangerous code execution patterns, no external network calls, no credential theft or data exfiltration. All capabilities are necessary for the stated parametric modeling purpose.

14
Arquivos analisados
3,449
Linhas analisadas
3
achados
claude
Auditado por
Nenhum problema de segurança encontrado

Fatores de risco

🌐 Acesso à rede (1)
scripts/client.py:49-50
📁 Acesso ao sistema de arquivos (2)
scripts/parser_utils.py:83 scripts/utils.py:25-28
⚡ Contém scripts (2)
scripts/cli.py:1-442 scripts/client.py:1-119

Versão da auditoria 1

Baixo Risco

Jan 10, 2026, 10:16 AM

Legitimate Grasshopper MCP workflow automation tool. Uses TCP sockets to communicate with local Grasshopper MCP server on port 8080. File system access is limited to JSON/MMD file reading and writing within project directories. No dangerous code execution patterns, no external network calls, no credential theft or data exfiltration. All capabilities are necessary for the stated parametric modeling purpose.

14
Arquivos analisados
3,449
Linhas analisadas
3
achados
claude
Auditado por
Nenhum problema de segurança encontrado

Fatores de risco

🌐 Acesso à rede (1)
scripts/client.py:49-50
📁 Acesso ao sistema de arquivos (2)
scripts/parser_utils.py:83 scripts/utils.py:25-28
⚡ Contém scripts (2)
scripts/cli.py:1-442 scripts/client.py:1-119
← Voltar para Skill