Histórico de Auditoria
configuring-dapr-pubsub - 5 auditorias
Versão da auditoria 5
Mais recente SeguroJan 16, 2026, 05:47 PM
All 65 static findings are FALSE POSITIVES. The skill is pure documentation with YAML/JSON/Python code examples for Dapr pub/sub configuration. The verify.py script only reads SKILL.md to validate documentation structure - no network calls, no external command execution, no credential access. Static analyzer misidentified documentation keywords and code examples as security threats.
Fatores de risco
⚡ Contém scripts (1)
📁 Acesso ao sistema de arquivos (1)
Versão da auditoria 4
SeguroJan 16, 2026, 05:47 PM
All 65 static findings are FALSE POSITIVES. The skill is pure documentation with YAML/JSON/Python code examples for Dapr pub/sub configuration. The verify.py script only reads SKILL.md to validate documentation structure - no network calls, no external command execution, no credential access. Static analyzer misidentified documentation keywords and code examples as security threats.
Fatores de risco
⚡ Contém scripts (1)
📁 Acesso ao sistema de arquivos (1)
Versão da auditoria 3
Baixo RiscoJan 10, 2026, 10:28 AM
This skill contains documentation and a verification script. The script only reads local files within the skill directory to validate documentation structure. No network calls, external commands, credential access, or data exfiltration capabilities detected.
Fatores de risco
⚡ Contém scripts (1)
📁 Acesso ao sistema de arquivos (1)
Versão da auditoria 2
Baixo RiscoJan 10, 2026, 10:28 AM
This skill contains documentation and a verification script. The script only reads local files within the skill directory to validate documentation structure. No network calls, external commands, credential access, or data exfiltration capabilities detected.
Fatores de risco
⚡ Contém scripts (1)
📁 Acesso ao sistema de arquivos (1)
Versão da auditoria 1
Baixo RiscoJan 10, 2026, 10:28 AM
This skill contains documentation and a verification script. The script only reads local files within the skill directory to validate documentation structure. No network calls, external commands, credential access, or data exfiltration capabilities detected.