История аудитов - gemini-image

Версия аудита 5

Последняя Безопасно

Jan 16, 2026, 09:04 PM

This is a documentation-based skill with no executable code. All static findings are false positives triggered by documentation examples. The skill provides API documentation for legitimate image generation through apicore.ai. No code execution, credential exfiltration, or obfuscation patterns present.

6

Просканировано файлов

414

Проанализировано строк

3

находки

claude

Проверено

Проблемы низкого риска (1)

SKILL.md:28-36

Third-party API dependency

Skill makes HTTP calls to api.apicore.ai using user-provided API keys. Users should be aware this connects to an external service.

Факторы риска

🌐 Доступ к сети (1)

SKILL.md:28-36

📁 Доступ к файловой системе (1)

SKILL.md:13

Версия аудита 4

Безопасно

Jan 16, 2026, 09:04 PM

This is a documentation-based skill with no executable code. All static findings are false positives triggered by documentation examples. The skill provides API documentation for legitimate image generation through apicore.ai. No code execution, credential exfiltration, or obfuscation patterns present.

6

Просканировано файлов

414

Проанализировано строк

3

находки

claude

Проверено

Проблемы низкого риска (1)

SKILL.md:28-36

Third-party API dependency

Skill makes HTTP calls to api.apicore.ai using user-provided API keys. Users should be aware this connects to an external service.

Факторы риска

🌐 Доступ к сети (1)

SKILL.md:28-36

📁 Доступ к файловой системе (1)

SKILL.md:13

Версия аудита 3

Низкий риск

Jan 10, 2026, 12:02 PM

This is a prompt-based skill that makes documented HTTP API calls to generate images. It reads a user-provided API key from a config file and makes calls to apicore.ai. No code execution, no obfuscation, no credential exfiltration patterns detected.

5

Просканировано файлов

89

Проанализировано строк

3

находки

claude

Проверено

Проблемы низкого риска (1)

SKILL.md:28-36

Third-party API dependency

Skill makes HTTP calls to api.apicore.ai using user-provided API keys. Users should be aware this connects to an external service. Code from SKILL.md lines 28-36: 'curl -s -X POST "https://api.apicore.ai/v1/images/generations" -H "Authorization: Bearer API_KEY"'

Факторы риска

🌐 Доступ к сети (1)

SKILL.md:28-36

📁 Доступ к файловой системе (1)

SKILL.md:13

Версия аудита 2

Низкий риск

Jan 10, 2026, 12:02 PM

This is a prompt-based skill that makes documented HTTP API calls to generate images. It reads a user-provided API key from a config file and makes calls to apicore.ai. No code execution, no obfuscation, no credential exfiltration patterns detected.

5

Просканировано файлов

89

Проанализировано строк

3

находки

claude

Проверено

Проблемы низкого риска (1)

SKILL.md:28-36

Third-party API dependency

Skill makes HTTP calls to api.apicore.ai using user-provided API keys. Users should be aware this connects to an external service. Code from SKILL.md lines 28-36: 'curl -s -X POST "https://api.apicore.ai/v1/images/generations" -H "Authorization: Bearer API_KEY"'

Факторы риска

🌐 Доступ к сети (1)

SKILL.md:28-36

📁 Доступ к файловой системе (1)

SKILL.md:13

Версия аудита 1

Низкий риск

Jan 10, 2026, 12:02 PM

This is a prompt-based skill that makes documented HTTP API calls to generate images. It reads a user-provided API key from a config file and makes calls to apicore.ai. No code execution, no obfuscation, no credential exfiltration patterns detected.

5

Просканировано файлов

89

Проанализировано строк

3

находки

claude

Проверено

Проблемы низкого риска (1)

SKILL.md:28-36

Third-party API dependency

Skill makes HTTP calls to api.apicore.ai using user-provided API keys. Users should be aware this connects to an external service. Code from SKILL.md lines 28-36: 'curl -s -X POST "https://api.apicore.ai/v1/images/generations" -H "Authorization: Bearer API_KEY"'

Факторы риска

🌐 Доступ к сети (1)

SKILL.md:28-36

📁 Доступ к файловой системе (1)

SKILL.md:13