Habilidades gget Histórico de Auditoria
🧬

Histórico de Auditoria

gget - 4 auditorias

Versão da auditoria 4

Mais recente Seguro

Jan 17, 2026, 07:38 AM

This is legitimate bioinformatics software. All 614 static findings are false positives: markdown code fences were misidentified as Ruby shell execution, hardcoded URLs are public genomic databases (Ensembl, UniProt, NCBI), cryptographic patterns are data integrity checksums, and the critical heuristic is standard bioinformatics behavior (network queries to public APIs + local file operations for results).

9
Arquivos analisados
3,490
Linhas analisadas
2
achados
claude
Auditado por
Nenhum problema de segurança encontrado

Fatores de risco

🌐 Acesso à rede (2)
references/database_info.md:22 SKILL.md:866-868
📁 Acesso ao sistema de arquivos (3)
scripts/gene_analysis.py:55-61 scripts/enrichment_pipeline.py:24-25 scripts/batch_sequence_analysis.py:97-98

Versão da auditoria 3

Seguro

Jan 17, 2026, 07:38 AM

This is legitimate bioinformatics software. All 614 static findings are false positives: markdown code fences were misidentified as Ruby shell execution, hardcoded URLs are public genomic databases (Ensembl, UniProt, NCBI), cryptographic patterns are data integrity checksums, and the critical heuristic is standard bioinformatics behavior (network queries to public APIs + local file operations for results).

9
Arquivos analisados
3,490
Linhas analisadas
2
achados
claude
Auditado por
Nenhum problema de segurança encontrado

Fatores de risco

🌐 Acesso à rede (2)
references/database_info.md:22 SKILL.md:866-868
📁 Acesso ao sistema de arquivos (3)
scripts/gene_analysis.py:55-61 scripts/enrichment_pipeline.py:24-25 scripts/batch_sequence_analysis.py:97-98

Versão da auditoria 2

Baixo Risco

Jan 12, 2026, 04:16 PM

This is a legitimate bioinformatics tool. All 592 static findings are FALSE POSITIVES triggered by markdown documentation format. The analyzer misinterpreted markdown code block delimiters (backticks) as Ruby backtick execution, and flagged bioinformatics algorithm names as 'weak cryptographic algorithms'. No subprocess, os.system, or command injection patterns exist in the actual Python code.

7
Arquivos analisados
3,046
Linhas analisadas
2
achados
claude
Auditado por
Nenhum problema de segurança encontrado

Fatores de risco

⚙️ Comandos externos (1)
SKILL.md:1-872
🌐 Acesso à rede (1)
references/database_info.md:1-310

Versão da auditoria 1

Seguro

Jan 4, 2026, 04:34 PM

The skill provides wrapper scripts for the gget bioinformatics library. No credential theft, data exfiltration, or malicious code execution patterns were found. All network calls go to legitimate genomic databases (Ensembl, UniProt, AlphaFold, etc.). Filesystem access is limited to reading user-provided gene lists and writing results to local directories.

10
Arquivos analisados
3,190
Linhas analisadas
3
achados
claude
Auditado por
Nenhum problema de segurança encontrado

Fatores de risco

⚡ Contém scripts (3)
scripts/gene_analysis.py:1-162 scripts/enrichment_pipeline.py:1-236 scripts/batch_sequence_analysis.py:1-192
🌐 Acesso à rede (3)
scripts/gene_analysis.py:29-116 scripts/enrichment_pipeline.py:68-74 scripts/batch_sequence_analysis.py:73-88
📁 Acesso ao sistema de arquivos (3)
scripts/gene_analysis.py:42-61 scripts/enrichment_pipeline.py:14-27 scripts/batch_sequence_analysis.py:13-33
← Voltar para Skill