🔐

Histórico de Auditoria

1password-credential-lookup - 5 auditorias

Versão da auditoria 5

Mais recente Baixo Risco

Jan 16, 2026, 09:02 PM

Legitimate credential lookup tool that uses 1Password CLI for secure retrieval. No network calls, no credential exfiltration. Subprocess calls to `op` CLI use hardcoded string arguments. Static findings are false positives triggered by expected credential access patterns.

3
Arquivos analisados
507
Linhas analisadas
3
achados
claude
Auditado por
Problemas de Baixo Risco (1)
Credentials output via stdout
Script outputs credentials as JSON to stdout. This is the designed behavior for credential retrieval. Not a security flaw but expected functionality.

Fatores de risco

⚙️ Comandos externos (1)
📁 Acesso ao sistema de arquivos (1)

Versão da auditoria 4

Baixo Risco

Jan 16, 2026, 09:02 PM

Legitimate credential lookup tool that uses 1Password CLI for secure retrieval. No network calls, no credential exfiltration. Subprocess calls to `op` CLI use hardcoded string arguments. Static findings are false positives triggered by expected credential access patterns.

3
Arquivos analisados
507
Linhas analisadas
3
achados
claude
Auditado por
Problemas de Baixo Risco (1)
Credentials output via stdout
Script outputs credentials as JSON to stdout. This is the designed behavior for credential retrieval. Not a security flaw but expected functionality.

Fatores de risco

⚙️ Comandos externos (1)
📁 Acesso ao sistema de arquivos (1)

Versão da auditoria 3

Baixo Risco

Jan 10, 2026, 12:14 PM

Legitimate credential lookup tool that uses 1Password CLI for secure credential retrieval. No network calls, no credential exfiltration, and behavior matches stated purpose.

2
Arquivos analisados
252
Linhas analisadas
4
achados
claude
Auditado por
Problemas de Baixo Risco (1)
Credentials output via stdout
The script outputs credentials (username/password) as JSON to stdout at lines 112-116 and 128. While this is the intended purpose for credential retrieval, credentials are exposed in process output which could be logged or captured. An attacker with access to the system could potentially read credentials from process listings or logs.

Versão da auditoria 2

Baixo Risco

Jan 10, 2026, 12:14 PM

Legitimate credential lookup tool that uses 1Password CLI for secure credential retrieval. No network calls, no credential exfiltration, and behavior matches stated purpose.

2
Arquivos analisados
252
Linhas analisadas
4
achados
claude
Auditado por
Problemas de Baixo Risco (1)
Credentials output via stdout
The script outputs credentials (username/password) as JSON to stdout at lines 112-116 and 128. While this is the intended purpose for credential retrieval, credentials are exposed in process output which could be logged or captured. An attacker with access to the system could potentially read credentials from process listings or logs.

Versão da auditoria 1

Baixo Risco

Jan 10, 2026, 12:14 PM

Legitimate credential lookup tool that uses 1Password CLI for secure credential retrieval. No network calls, no credential exfiltration, and behavior matches stated purpose.

2
Arquivos analisados
252
Linhas analisadas
4
achados
claude
Auditado por
Problemas de Baixo Risco (1)
Credentials output via stdout
The script outputs credentials (username/password) as JSON to stdout at lines 112-116 and 128. While this is the intended purpose for credential retrieval, credentials are exposed in process output which could be logged or captured. An attacker with access to the system could potentially read credentials from process listings or logs.