Audit history

llm-doc-writer - 7 audits

Audit version 7

Latest, Safe

Jun 28, 2026, 04:42 AM

Static analysis reported external command, network, weak crypto, and reconnaissance patterns. Manual review found only markdown examples, inline code formatting, and ordinary documentation text, with no executable code or malicious intent.

Files scanned: 2
Lines analyzed: 282
Review items: 4
False positives ignored: 0

Confirmed security concerns (4)

Low
False Positive: Markdown Backticks Misread as Shell Execution
The external command detections are markdown fences or inline command examples. No Ruby code, shell execution logic, or user-controlled command invocation was found.
Both scanned files are markdown documentation. The flagged locations are code fences, inline command examples, or formatting markers, not executable Ruby backtick calls.
Low
False Positive: Weak Crypto Pattern in Documentation Text
The weak cryptography detections match ordinary words and markdown references. No hashing, encryption, signing, or credential handling implementation was found.
Manual review found no cryptographic code. The lines contain documentation prose, headers, or references such as CLAUDE.md.
Low
False Positive: Network Pattern in Architecture Example
The network detection appears in a prose example about REST APIs between services. No Python HTTP library import, endpoint, or outbound request code was found.
The line is inside a before-and-after documentation example. It describes architecture communication and does not perform network activity.
Low
False Positive: Reconnaissance Pattern in Section Heading
The reconnaissance detection maps to an anti-patterns heading. No host, user, process, environment, or filesystem discovery command was found.
The flagged line is a markdown heading introducing writing anti-patterns. There is no executable system reconnaissance behavior in the file.
Auditor: codex

Audit version 6

Safe

Jan 21, 2026, 02:49 PM

All 55 static findings are false positives. The scanner misidentified markdown documentation syntax as security issues. Backticks are markdown code fences, not shell execution. RabbitMQ and JWT mentions are technology references, not weak crypto. The skill contains only documentation patterns and has no actual code execution, network calls, or cryptographic operations.

Files scanned: 3
Lines analyzed: 926
Review items: 0
False positives ignored: 0
No security issues found
Auditor: claude

Audit version 5

Medium risk, Audit incomplete

Jan 16, 2026, 03:09 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

Manual review required

This audit did not complete successfully. The quality score is capped until a successful audit is available.

Files scanned: 3
Lines analyzed: 471
Review items: 3
False positives ignored: 0

Detected patterns

Ruby/shell backtick execution, Python HTTP libraries, Weak cryptographic algorithm, System reconnaissance
Auditor: claude

Audit version 4

Medium risk, Audit incomplete

Jan 16, 2026, 03:09 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

Manual review required

This audit did not complete successfully. The quality score is capped until a successful audit is available.

Files scanned: 3
Lines analyzed: 471
Review items: 3
False positives ignored: 0

Detected patterns

Ruby/shell backtick execution, Python HTTP libraries, Weak cryptographic algorithm, System reconnaissance
Auditor: claude

Audit version 3

Safe

Jan 10, 2026, 09:55 AM

Pure prompt-based documentation skill with no code execution, filesystem access, network calls, or system modifications. Contains only instructional markdown content with writing guidelines and examples.

Files scanned: 2
Lines analyzed: 282
Review items: 0
False positives ignored: 0
No security issues found
Auditor: claude

Audit version 2

Safe

Jan 10, 2026, 09:55 AM

Pure prompt-based documentation skill with no code execution, filesystem access, network calls, or system modifications. Contains only instructional markdown content with writing guidelines and examples.

Files scanned: 2
Lines analyzed: 282
Review items: 0
False positives ignored: 0
No security issues found
Auditor: claude

Audit version 1

Safe

Jan 10, 2026, 09:55 AM

Pure prompt-based documentation skill with no code execution, filesystem access, network calls, or system modifications. Contains only instructional markdown content with writing guidelines and examples.

Files scanned: 2
Lines analyzed: 282
Review items: 0
False positives ignored: 0
No security issues found
Auditor: claude