Habilidades hypogenic Histórico de Auditoria
📊

Histórico de Auditoria

hypogenic - 6 auditorias

Versão da auditoria 6

Mais recente Baixo Risco

Jan 21, 2026, 05:27 PM

This scientific hypothesis generation skill was scanned with 126 potential issues detected. After evaluation, all findings are false positives: environment variable references for API keys follow security best practices; hardcoded URLs are legitimate documentation links; shell command examples are user setup instructions; no actual cryptographic code or command-and-control patterns exist. The skill makes normal LLM API calls for hypothesis generation, which is expected functionality.

3
Arquivos analisados
2,075
Linhas analisadas
2
achados
claude
Auditado por
Nenhum problema de segurança encontrado

Fatores de risco

🌐 Acesso à rede (4)
SKILL.md:24 SKILL.md:544 SKILL.md:564 SKILL.md:603-604
⚙️ Comandos externos (3)
SKILL.md:19-31 SKILL.md:123-125 SKILL.md:233-235

Versão da auditoria 5

Risco Médio

Jan 17, 2026, 07:51 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

3
Arquivos analisados
1,017
Linhas analisadas
3
achados
claude
Auditado por
Nenhum problema de segurança encontrado

Fatores de risco

🔑 Variáveis de ambiente (2)
references/config_template.yaml:17 references/config_template.yaml:17
🌐 Acesso à rede (18)
skill-report.json:6 SKILL.md:24 SKILL.md:135 SKILL.md:138 SKILL.md:290 SKILL.md:316 SKILL.md:544 SKILL.md:556 SKILL.md:564 SKILL.md:565 SKILL.md:577 SKILL.md:585 SKILL.md:595 SKILL.md:603 SKILL.md:604 SKILL.md:606 SKILL.md:614 SKILL.md:617
⚙️ Comandos externos (80)
SKILL.md:19-31 SKILL.md:31-35 SKILL.md:35-46 SKILL.md:46-123 SKILL.md:123-125 SKILL.md:125-133 SKILL.md:133-139 SKILL.md:139-146 SKILL.md:146-147 SKILL.md:147-148 SKILL.md:148-151 SKILL.md:151 SKILL.md:151-152 SKILL.md:152-155 SKILL.md:155-170 SKILL.md:170-174 SKILL.md:174-175 SKILL.md:175 SKILL.md:175-179 SKILL.md:179-191 SKILL.md:191 SKILL.md:191-196 SKILL.md:196-224 SKILL.md:224-226 SKILL.md:226-233 SKILL.md:233-235 SKILL.md:235-238 SKILL.md:238-241 SKILL.md:241-248 SKILL.md:248-256 SKILL.md:256-258 SKILL.md:258-269 SKILL.md:269-271 SKILL.md:271-286 SKILL.md:286-310 SKILL.md:310-314 SKILL.md:314-329 SKILL.md:329-333 SKILL.md:333-342 SKILL.md:342-346 SKILL.md:346-348 SKILL.md:348-360 SKILL.md:360-362 SKILL.md:362-372 SKILL.md:372-374 SKILL.md:374-376 SKILL.md:376-378 SKILL.md:378-380 SKILL.md:380-390 SKILL.md:390-392 SKILL.md:392-394 SKILL.md:394-406 SKILL.md:406-408 SKILL.md:408-430 SKILL.md:430-436 SKILL.md:436-439 SKILL.md:439-448 SKILL.md:448-449 SKILL.md:449-450 SKILL.md:450-452 SKILL.md:452 SKILL.md:452-460 SKILL.md:460 SKILL.md:460-466 SKILL.md:466-488 SKILL.md:488-493 SKILL.md:493-496 SKILL.md:496-502 SKILL.md:502-508 SKILL.md:508-514 SKILL.md:514-530 SKILL.md:530-548 SKILL.md:548-558 SKILL.md:558-569 SKILL.md:569-579 SKILL.md:579-589 SKILL.md:589-597 SKILL.md:597-612 SKILL.md:612-618 SKILL.md:618-632

Padrões Detectados

Generic API/secret keysWeak cryptographic algorithmHardcoded URLC2 keywordsRuby/shell backtick executionSystem reconnaissance[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access

Versão da auditoria 4

Risco Médio

Jan 17, 2026, 07:51 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

3
Arquivos analisados
1,017
Linhas analisadas
3
achados
claude
Auditado por
Nenhum problema de segurança encontrado

Fatores de risco

🔑 Variáveis de ambiente (2)
references/config_template.yaml:17 references/config_template.yaml:17
🌐 Acesso à rede (18)
skill-report.json:6 SKILL.md:24 SKILL.md:135 SKILL.md:138 SKILL.md:290 SKILL.md:316 SKILL.md:544 SKILL.md:556 SKILL.md:564 SKILL.md:565 SKILL.md:577 SKILL.md:585 SKILL.md:595 SKILL.md:603 SKILL.md:604 SKILL.md:606 SKILL.md:614 SKILL.md:617
⚙️ Comandos externos (80)
SKILL.md:19-31 SKILL.md:31-35 SKILL.md:35-46 SKILL.md:46-123 SKILL.md:123-125 SKILL.md:125-133 SKILL.md:133-139 SKILL.md:139-146 SKILL.md:146-147 SKILL.md:147-148 SKILL.md:148-151 SKILL.md:151 SKILL.md:151-152 SKILL.md:152-155 SKILL.md:155-170 SKILL.md:170-174 SKILL.md:174-175 SKILL.md:175 SKILL.md:175-179 SKILL.md:179-191 SKILL.md:191 SKILL.md:191-196 SKILL.md:196-224 SKILL.md:224-226 SKILL.md:226-233 SKILL.md:233-235 SKILL.md:235-238 SKILL.md:238-241 SKILL.md:241-248 SKILL.md:248-256 SKILL.md:256-258 SKILL.md:258-269 SKILL.md:269-271 SKILL.md:271-286 SKILL.md:286-310 SKILL.md:310-314 SKILL.md:314-329 SKILL.md:329-333 SKILL.md:333-342 SKILL.md:342-346 SKILL.md:346-348 SKILL.md:348-360 SKILL.md:360-362 SKILL.md:362-372 SKILL.md:372-374 SKILL.md:374-376 SKILL.md:376-378 SKILL.md:378-380 SKILL.md:380-390 SKILL.md:390-392 SKILL.md:392-394 SKILL.md:394-406 SKILL.md:406-408 SKILL.md:408-430 SKILL.md:430-436 SKILL.md:436-439 SKILL.md:439-448 SKILL.md:448-449 SKILL.md:449-450 SKILL.md:450-452 SKILL.md:452 SKILL.md:452-460 SKILL.md:460 SKILL.md:460-466 SKILL.md:466-488 SKILL.md:488-493 SKILL.md:493-496 SKILL.md:496-502 SKILL.md:502-508 SKILL.md:508-514 SKILL.md:514-530 SKILL.md:530-548 SKILL.md:548-558 SKILL.md:558-569 SKILL.md:569-579 SKILL.md:579-589 SKILL.md:589-597 SKILL.md:597-612 SKILL.md:612-618 SKILL.md:618-632

Padrões Detectados

Generic API/secret keysWeak cryptographic algorithmHardcoded URLC2 keywordsRuby/shell backtick executionSystem reconnaissance[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access

Versão da auditoria 3

Risco Médio

Jan 12, 2026, 04:30 PM

The skill contains legitimate research tooling with some security considerations. External command execution is used for academic tools like GROBID PDF processing, not malicious purposes. API key access is standard for LLM integration. The 'C2 keywords' finding appears to be a false positive - the context is academic citations, not command & control infrastructure.

2
Arquivos analisados
806
Linhas analisadas
5
achados
claude
Auditado por
Problemas de Risco Médio (1)
SKILL.md:233SKILL.md:243
External command execution for GROBID PDF processing
External commands are used to set up and run GROBID for PDF literature processing. GROBID is a legitimate open-source academic tool for extracting structured information from scientific PDFs. The bash scripts in modules/ directory are used for academic research purposes, not for malicious activities.
Problemas de Baixo Risco (1)
SKILL.md:24SKILL.md:135
Hardcoded URLs to academic resources
The skill references hardcoded URLs pointing to legitimate academic resources including arXiv papers, GitHub repositories for the ChicagoHAI research group, and PyPI package distribution. These URLs are for accessing open-source research tools and datasets essential to the skill's functionality.

Fatores de risco

🔑 Variáveis de ambiente (1)
references/config_template.yaml:17
⚙️ Comandos externos (2)
SKILL.md:233 SKILL.md:243
🌐 Acesso à rede (2)
SKILL.md:24 SKILL.md:135

Versão da auditoria 2

Risco Médio

Jan 12, 2026, 04:30 PM

The skill contains legitimate research tooling with some security considerations. External command execution is used for academic tools like GROBID PDF processing, not malicious purposes. API key access is standard for LLM integration. The 'C2 keywords' finding appears to be a false positive - the context is academic citations, not command & control infrastructure.

2
Arquivos analisados
806
Linhas analisadas
5
achados
claude
Auditado por
Problemas de Risco Médio (1)
SKILL.md:233SKILL.md:243
External command execution for GROBID PDF processing
External commands are used to set up and run GROBID for PDF literature processing. GROBID is a legitimate open-source academic tool for extracting structured information from scientific PDFs. The bash scripts in modules/ directory are used for academic research purposes, not for malicious activities.
Problemas de Baixo Risco (1)
SKILL.md:24SKILL.md:135
Hardcoded URLs to academic resources
The skill references hardcoded URLs pointing to legitimate academic resources including arXiv papers, GitHub repositories for the ChicagoHAI research group, and PyPI package distribution. These URLs are for accessing open-source research tools and datasets essential to the skill's functionality.

Fatores de risco

🔑 Variáveis de ambiente (1)
references/config_template.yaml:17
⚙️ Comandos externos (2)
SKILL.md:233 SKILL.md:243
🌐 Acesso à rede (2)
SKILL.md:24 SKILL.md:135

Versão da auditoria 1

Seguro

Jan 4, 2026, 04:39 PM

The skill files are pure documentation and configuration templates. No executable code exists in the skill directory. All described functionality (CLI commands, Python API, Redis caching) refers to an external hypogenic package that users install separately. The skill itself only provides guidance, templates, and usage instructions for Claude to help users work with this external package.

5
Arquivos analisados
1,036
Linhas analisadas
1
achados
claude
Auditado por
Nenhum problema de segurança encontrado

Fatores de risco

🌐 Acesso à rede (1)
references/config_template.yaml:15-19
← Voltar para Skill