Histórico de Auditoria
project-scaffolder - 6 auditorias
Versão da auditoria 6
Mais recente Baixo RiscoJan 21, 2026, 04:45 PM
All static findings are false positives. The skill is a documentation-only project scaffolding tool. Scanner misinterpreted Go import statements as dynamic imports, Cobra CLI framework references as cmd.exe execution, and legitimate configuration URLs and environment variable patterns as security risks. No actual malicious code execution, credential exfiltration, or command injection patterns present.
Fatores de risco
⚡ Contém scripts (4)
⚙️ Comandos externos (79)
🌐 Acesso à rede (5)
🔑 Variáveis de ambiente (14)
📁 Acesso ao sistema de arquivos (1)
Versão da auditoria 5
Risco MédioJan 16, 2026, 11:06 PM
AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.
Fatores de risco
🌐 Acesso à rede (5)
⚡ Contém scripts (2)
⚙️ Comandos externos (77)
📁 Acesso ao sistema de arquivos (1)
🔑 Variáveis de ambiente (12)
Padrões Detectados
Versão da auditoria 4
Risco MédioJan 16, 2026, 11:06 PM
AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.
Fatores de risco
🌐 Acesso à rede (5)
⚡ Contém scripts (2)
⚙️ Comandos externos (77)
📁 Acesso ao sistema de arquivos (1)
🔑 Variáveis de ambiente (12)
Padrões Detectados
Versão da auditoria 3
SeguroJan 10, 2026, 12:47 PM
Pure prompt-based skill containing only templates and guidance documentation. No executable code, no file system access, no network operations, and no command execution capabilities. This skill provides project scaffolding instructions that the AI generates for users to apply manually.
Versão da auditoria 2
SeguroJan 10, 2026, 12:47 PM
Pure prompt-based skill containing only templates and guidance documentation. No executable code, no file system access, no network operations, and no command execution capabilities. This skill provides project scaffolding instructions that the AI generates for users to apply manually.
Versão da auditoria 1
SeguroJan 10, 2026, 12:47 PM
Pure prompt-based skill containing only templates and guidance documentation. No executable code, no file system access, no network operations, and no command execution capabilities. This skill provides project scaffolding instructions that the AI generates for users to apply manually.