Histórico de Auditoria - research-merge

Versão da auditoria 4

Mais recente Baixo Risco

Jan 17, 2026, 06:45 AM

This is a legitimate research management skill that handles git operations for research branches. The static scanner produced numerous false positives due to pattern matching heuristics that do not apply to this context. All git commands are hardcoded strings for legitimate repository operations. File system access is limited to reading markdown research documents and writing merged output. No credentials are accessed or exfiltrated. The skill is safe for publication.

5

Arquivos analisados

1,188

Linhas analisadas

2

achados

claude

Auditado por

Nenhum problema de segurança encontrado

Fatores de risco

⚙️ Comandos externos (2)

SKILL.md:122-150 SKILL.md:175-180

📁 Acesso ao sistema de arquivos (2)

scripts/detect_conflicts.py:81-83 scripts/detect_conflicts.py:124-127

Versão da auditoria 3

Baixo Risco

Jan 17, 2026, 06:45 AM

This is a legitimate research management skill that handles git operations for research branches. The static scanner produced numerous false positives due to pattern matching heuristics that do not apply to this context. All git commands are hardcoded strings for legitimate repository operations. File system access is limited to reading markdown research documents and writing merged output. No credentials are accessed or exfiltrated. The skill is safe for publication.

5

Arquivos analisados

1,188

Linhas analisadas

2

achados

claude

Auditado por

Nenhum problema de segurança encontrado

Fatores de risco

⚙️ Comandos externos (2)

SKILL.md:122-150 SKILL.md:175-180

📁 Acesso ao sistema de arquivos (2)

scripts/detect_conflicts.py:81-83 scripts/detect_conflicts.py:124-127

Versão da auditoria 2

Baixo Risco

Jan 5, 2026, 02:20 AM

This is a legitimate research management skill that handles git operations for research branches. It reads markdown files, performs text analysis for duplicate detection, and executes standard git commands. No malicious behavior detected.

4

Arquivos analisados

800

Linhas analisadas

3

achados

claude

Auditado por

Problemas de Baixo Risco (1)

SKILL.md:128-150

Git command execution in documentation

The SKILL.md documentation contains example git commands (git merge --squash, git push origin --delete) that would be executed by the Claude agent. These are legitimate git operations for merging research branches, but represent code execution capabilities.

Fatores de risco

📁 Acesso ao sistema de arquivos (4)

scripts/detect_conflicts.py:81-83 scripts/detect_conflicts.py:124-127 scripts/merge_findings.py:129-132 scripts/merge_findings.py:274-275

⚙️ Comandos externos (2)

SKILL.md:122-150 SKILL.md:175-180

Versão da auditoria 1

Baixo Risco

Jan 5, 2026, 02:20 AM

This is a legitimate research management skill that handles git operations for research branches. It reads markdown files, performs text analysis for duplicate detection, and executes standard git commands. No malicious behavior detected.

4

Arquivos analisados

800

Linhas analisadas

3

achados

claude

Auditado por

Problemas de Baixo Risco (1)

SKILL.md:128-150

Git command execution in documentation

The SKILL.md documentation contains example git commands (git merge --squash, git push origin --delete) that would be executed by the Claude agent. These are legitimate git operations for merging research branches, but represent code execution capabilities.

Fatores de risco

📁 Acesso ao sistema de arquivos (4)

scripts/detect_conflicts.py:81-83 scripts/detect_conflicts.py:124-127 scripts/merge_findings.py:129-132 scripts/merge_findings.py:274-275

⚙️ Comandos externos (2)

SKILL.md:122-150 SKILL.md:175-180