Навыки seedance История аудитов
🎬

История аудитов

seedance - 2 аудиты

Версия аудита 2

Последняя Безопасно

Mar 26, 2026, 04:00 AM

All 103 static analysis findings are FALSE POSITIVES. The scanner incorrectly flagged backtick characters in markdown as Ruby shell commands (99 occurrences), YAML front matter as weak cryptographic algorithms, and Chinese narrative text as obfuscated payloads. This is a legitimate video prompt engineering skill with no malicious code, no external commands, no network access, and no cryptographic operations.

1
Просканировано файлов
581
Проанализировано строк
0
находки
claude
Проверено
Проблем безопасности не найдено

Обнаруженные паттерны

False Positive: Backtick Character DetectionFalse Positive: YAML Front Matter Crypto DetectionFalse Positive: Chinese Text Entropy

Версия аудита 1

Безопасно

Mar 6, 2026, 02:40 PM

All 103 static findings are false positives. The scanner detected Ruby backtick syntax and cryptographic algorithms in what is actually a markdown documentation file containing video prompt examples in Chinese. The '@' symbols are reference syntax for the Seedance platform, not code execution. No actual security risks found.

1
Просканировано файлов
581
Проанализировано строк
3
находки
claude
Проверено

Критические проблемы (1)

SKILL.md:33SKILL.md:52-54SKILL.md:59-63
False Positive: Ruby Backtick Detection
Scanner detected 'Ruby/shell backtick execution' at multiple lines (33, 52-54, 59-63, etc.). These are actually '@' reference symbols (@图片1, @视频1) for the Seedance AI video platform. This is legitimate documentation content, not code execution.

Проблемы высокого риска (2)

SKILL.md:3
False Positive: Weak Cryptographic Algorithm
Scanner reported 'weak cryptographic algorithm' at SKILL.md:3. Line 3 contains YAML frontmatter with skill description text. No cryptographic code exists.
SKILL.md:261SKILL.md:1
False Positive: High Entropy Obfuscation
Scanner reported 'very high entropy string' at SKILL.md:261 and 'high file entropy' at SKILL.md:1. These are Chinese video prompt text examples, not encoded payloads. Multilingual text naturally has higher entropy.
← Назад к навыку