Навыки manager-planner История аудитов
📦

История аудитов

manager-planner - 7 аудиты

Версия аудита 7

Последняя Средний риск

Jun 28, 2026, 03:51 AM

The static analyzer flagged many Markdown backticks as Ruby or shell execution, and those are mostly false positives. Human review confirmed that the skill does instruct agents to run repository-local Python utilities and cleanup commands, so it carries a legitimate external-command risk but no evidence of malicious intent.

1
Просканировано файлов
93
Проанализировано строк
4
Review items
0
False positives ignored

Confirmed security concerns (2)

Низкий
Static Weak-Cryptography Detections Are False Positives
The high-severity weak-cryptography findings point to ordinary prose, directory names, or Markdown file references. No hash algorithm, encryption operation, or cryptographic decision is present at the cited lines.
Manual review of each cited line found no cryptographic code or algorithm names. The signals appear to be substring matches inside non-code Markdown text.
Низкий
Static Reconnaissance Detections Are Benign Audit Instructions
The system-reconnaissance findings refer to bounded repository inspection, such as checking logs and citations. No instruction collects host secrets, network data, credentials, or operating system inventory.
The cited lines describe limiting shell output, checking citations, and reading a project communication log. These actions are scoped to project quality control rather than host reconnaissance.
Capability review items (1)

These are real local capabilities that may be expected for this skill, so they require review but are not counted as confirmed malicious behavior.

Средний
Repository-Local Command Execution Guidance
The skill instructs agents to run local Python utilities for tests, health checks, cleanup, and queue reconciliation. This is aligned with the skill purpose, but executing repository scripts can modify files or run untrusted code in a compromised repository.
The commands are explicitly listed in the skill instructions. The context supports legitimate system maintenance, but the risk remains because repository-local scripts execute with the agent session permissions.

Факторы риска

Обнаруженные паттерны

External Command Instructions
Аудитор:: codex

Версия аудита 6

Низкий риск

Jan 21, 2026, 02:57 PM

All static findings are false positives. The skill is a legitimate workflow orchestration system for document processing. Scanner flagged SHA256 hashes as C2/weak crypto (they are secure hashes for file integrity), and documentation code examples in SKILL.md as command execution (they are markdown references, not code). No malicious patterns confirmed.

2
Просканировано файлов
753
Проанализировано строк
2
Review items
0
False positives ignored

Факторы риска

⚙️ Внешние команды (1)
⚡ Содержит скрипты (1)
Аудитор:: claude

Версия аудита 5

Средний риск Audit incomplete

Jan 16, 2026, 03:32 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

Manual review required

This audit did not complete successfully. The quality score is capped until a successful audit is available.

2
Просканировано файлов
338
Проанализировано строк
2
Review items
0
False positives ignored

Обнаруженные паттерны

Weak cryptographic algorithmRuby/shell backtick executionSystem reconnaissance
Аудитор:: claude

Версия аудита 4

Средний риск Audit incomplete

Jan 16, 2026, 03:32 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

Manual review required

This audit did not complete successfully. The quality score is capped until a successful audit is available.

2
Просканировано файлов
338
Проанализировано строк
2
Review items
0
False positives ignored

Обнаруженные паттерны

Weak cryptographic algorithmRuby/shell backtick executionSystem reconnaissance
Аудитор:: claude

Версия аудита 3

Низкий риск

Jan 10, 2026, 09:40 AM

Prompt-based orchestration skill with no executable code. References internal Python scripts for system health checks, but these are part of the managed system's own tooling. No network calls, credential access, or suspicious behavior detected. Legitimate agent coordination tool.

1
Просканировано файлов
93
Проанализировано строк
4
Review items
0
False positives ignored
Capability review items (2)

These are real local capabilities that may be expected for this skill, so they require review but are not counted as confirmed malicious behavior.

Низкий
External command execution references
The skill instructs agents to run Python scripts for system integrity checks. These include: 'python 99_Working_Files/Utilities/run_system_tests.py' (line 42), 'python 99_Working_Files/Utilities/repo_health_check.py' (line 47), and cleanup operations (line 49). These are legitimate internal system commands used for maintaining workflow integrity.
Низкий
Filesystem access for system audits
The skill requires reading various system files for health checks and log consistency verification. Access includes: 'Agent_Communication_Log.md' (line 52), 'Review_Log.tsv' (lines 69-71), 'Flagged_Tasks.tsv' (line 75), and queue files in '99_Working_Files/Queues/' (lines 73-76). This is standard system auditing behavior.

Факторы риска

⚡ Содержит скрипты (3)
📁 Доступ к файловой системе (3)
Аудитор:: claude

Версия аудита 2

Низкий риск

Jan 10, 2026, 09:40 AM

Prompt-based orchestration skill with no executable code. References internal Python scripts for system health checks, but these are part of the managed system's own tooling. No network calls, credential access, or suspicious behavior detected. Legitimate agent coordination tool.

1
Просканировано файлов
93
Проанализировано строк
4
Review items
0
False positives ignored
Capability review items (2)

These are real local capabilities that may be expected for this skill, so they require review but are not counted as confirmed malicious behavior.

Низкий
External command execution references
The skill instructs agents to run Python scripts for system integrity checks. These include: 'python 99_Working_Files/Utilities/run_system_tests.py' (line 42), 'python 99_Working_Files/Utilities/repo_health_check.py' (line 47), and cleanup operations (line 49). These are legitimate internal system commands used for maintaining workflow integrity.
Низкий
Filesystem access for system audits
The skill requires reading various system files for health checks and log consistency verification. Access includes: 'Agent_Communication_Log.md' (line 52), 'Review_Log.tsv' (lines 69-71), 'Flagged_Tasks.tsv' (line 75), and queue files in '99_Working_Files/Queues/' (lines 73-76). This is standard system auditing behavior.

Факторы риска

⚡ Содержит скрипты (3)
📁 Доступ к файловой системе (3)
Аудитор:: claude

Версия аудита 1

Низкий риск

Jan 10, 2026, 09:40 AM

Prompt-based orchestration skill with no executable code. References internal Python scripts for system health checks, but these are part of the managed system's own tooling. No network calls, credential access, or suspicious behavior detected. Legitimate agent coordination tool.

1
Просканировано файлов
93
Проанализировано строк
4
Review items
0
False positives ignored
Capability review items (2)

These are real local capabilities that may be expected for this skill, so they require review but are not counted as confirmed malicious behavior.

Низкий
External command execution references
The skill instructs agents to run Python scripts for system integrity checks. These include: 'python 99_Working_Files/Utilities/run_system_tests.py' (line 42), 'python 99_Working_Files/Utilities/repo_health_check.py' (line 47), and cleanup operations (line 49). These are legitimate internal system commands used for maintaining workflow integrity.
Низкий
Filesystem access for system audits
The skill requires reading various system files for health checks and log consistency verification. Access includes: 'Agent_Communication_Log.md' (line 52), 'Review_Log.tsv' (lines 69-71), 'Flagged_Tasks.tsv' (line 75), and queue files in '99_Working_Files/Queues/' (lines 73-76). This is standard system auditing behavior.

Факторы риска

⚡ Содержит скрипты (3)
📁 Доступ к файловой системе (3)
Аудитор:: claude