Навыки zentao-cli История аудитов
📦

История аудитов

zentao-cli - 2 аудиты

Версия аудита 2

Последняя Средний риск

Jun 29, 2026, 11:30 PM

Most command-execution hits are Markdown examples for using zentao-cli, not executable skill code. Confirmed risks are external CLI execution, ZenTao authentication, local credential caching, and write or delete operations. No prompt injection or malicious exfiltration evidence was found.

1
Просканировано файлов
260
Проанализировано строк
6
Review items
2
False positives ignored

Confirmed security concerns (3)

Средний
External CLI Installation and Execution
The skill tells users to install zentao-cli globally or run it through npx. This is expected, but it executes third-party code locally.
The referenced lines explicitly instruct installation and execution of an external command-line tool. The behavior is legitimate for this skill, but the execution risk is real because the package runs locally.
Средний
Credential Handling and Local Credential Cache
The skill documents login with server URL, account, password, token, and local credential storage. Exposed local files could reveal ZenTao access.
The skill explicitly documents password or token authentication and local credential caching. No malicious exfiltration is shown, but credential exposure risk is directly evidenced.
Средний
State-Changing and Destructive ZenTao Operations
The skill includes create, update, delete, resolve, close, start, and finish operations. It also shows --yes for delete confirmation bypass.
The cited examples directly perform writes and deletion. The skill also advises confirmation before writes, which lowers but does not remove operational risk.
Static false positives ignored (2)

These static matches were dismissed by semantic review or matched schema-only tokens, so they are shown for transparency but do not drive the quality score.

Низкий
Hardcoded Documentation URLs
The repository URL and sample ZenTao server URL are documentation references. No evidence found of unauthorized external data transfer.
The URLs appear in metadata and login examples. They are consistent with project documentation and do not show exfiltration logic.
Низкий
Scanner False Positives From Markdown Formatting
The weak-cryptography and high-entropy alerts appear to come from front matter, Chinese text, and Markdown examples. No obfuscated payload was found.
Manual review found normal YAML front matter and Chinese documentation text at the flagged lines. The file is readable Markdown, not obfuscated code.

Факторы риска

⚙️ Внешние команды (5)
🌐 Доступ к сети (2)
📁 Доступ к файловой системе (1)

Обнаруженные паттерны

Global Package Installation CommandCredential Cache Location DocumentedDelete Confirmation Bypass Example
Аудитор:: codex

Версия аудита 1

Безопасно

Apr 27, 2026, 06:19 AM

This is a legitimate project management CLI documentation file. The static analyzer flagged 96 instances of 'external_commands' but all are FALSE POSITIVES - they are example commands shown in markdown documentation blocks, not actual code execution. No malicious intent, prompt injection, or security threats found after human evaluation.

1
Просканировано файлов
260
Проанализировано строк
0
Review items
0
False positives ignored
Проблем безопасности не найдено
Аудитор:: claude