Навыки routeros-qemu-chr История аудитов
📦

История аудитов

routeros-qemu-chr - 3 аудиты

Версия аудита 3

Последняя Средний риск

May 9, 2026, 03:51 PM

Static analysis detected 347 potential security patterns across 5 files. After semantic evaluation, all findings are FALSE POSITIVES. The skill uses external commands for QEMU invocation, which is the core purpose of this documentation. Network access is limited to mikrotik.com download URLs. No malicious intent or actual security vulnerabilities confirmed.

5
Просканировано файлов
799
Проанализировано строк
9
находки
claude
Проверено
Проблемы среднего риска (2)
SKILL.md:51-57references/github-actions-ci.md:103-112
External Command Invocation in Documentation
Skill contains numerous shell commands and script examples for QEMU invocation. These are intentional documentation patterns, not security vulnerabilities. Commands are hardcoded with fixed arguments (qemu-system-x86_64, specific flags) and not subject to user input injection.
SKILL.md:217references/github-actions-ci.md:11
System Device Access for Virtualization
Documentation references /dev/kvm access for KVM acceleration detection. This is standard practice for QEMU virtual machine management on Linux.
Проблемы низкого риска (4)
references/virtio-drivers.md:45references/chr-licensing.md:32references/chr-licensing.md:77
Historical Cryptographic Reference (MD5)
MD5 is mentioned in virtio-drivers.md in the context of a kernel config option (CONFIG_BLK_DEV_NVME is unrelated to MD5). The chr-licensing.md references are in documentation explaining license expiry behavior, not for security purposes.
SKILL.md:32-36references/github-actions-ci.md:71-72
Hardcoded Network URLs
MikroTik download URLs (download.mikrotik.com, cdn.mikrotik.com) are hardcoded for CHR image downloads. These are official MikroTik infrastructure URLs.
SKILL.md:215-232references/github-actions-ci.md:111
System Reconnaissance for Acceleration Detection
The skill checks for KVM availability (/dev/kvm) and HVF support (sysctl kern.hv_support) to determine appropriate QEMU acceleration.
references/github-actions-ci.md:34-48
Sudo Usage in CI Workflows
GitHub Actions CI documentation uses sudo for apt-get installation and udev configuration. This is standard CI practice.

Факторы риска

⚙️ Внешние команды (3)
references/chr-licensing.md:25 references/github-actions-ci.md:7 SKILL.md:97
🌐 Доступ к сети (2)
references/chr-licensing.md:36 SKILL.md:32
📁 Доступ к файловой системе (2)
references/github-actions-ci.md:11 SKILL.md:69

Версия аудита 2

Низкий риск

Apr 16, 2026, 09:11 PM

Documentation and reference skill for running RouterOS CHR in QEMU. Static analysis flagged 343 patterns, but evaluation reveals these are false positives: shell backtick notation in markdown code examples (not execution), sudo in GitHub Actions CI (expected), MD5 references in kernel history docs (not actual usage), and legitimate acceleration detection commands. All network access targets MikroTik infrastructure for downloading CHR images. Risk level set to LOW due to external command patterns in documentation examples, but no actual malicious code present.

5
Просканировано файлов
794
Проанализировано строк
12
находки
claude
Проверено

Проблемы высокого риска (4)

SKILL.md:16-316references/chr-licensing.md:25-71references/github-actions-ci.md:7-254references/known-issues.md:5-81references/virtio-drivers.md:9-53
Documentation Shell Examples Misidentified as Execution
Static scanner flagged 264 instances of Ruby/shell backtick notation. These are markdown code blocks showing shell command syntax, not actual command execution. Files are documentation with command examples.
references/github-actions-ci.md:34-48
sudo Commands in GitHub Actions CI (Expected Behavior)
GitHub Actions workflow uses sudo for package installation (apt-get install). This is standard CI/CD practice, not privilege escalation risk.
references/github-actions-ci.md:103references/known-issues.md:55-62
nohup for Background QEMU Process (Legitimate Use)
nohup is used to run QEMU in background during CI testing. This is standard practice for running VMs in CI environments.
SKILL.md:271
Base64 HTTP Basic Auth (Standard Practice)
Static scanner flagged btoa('admin:') as weak crypto. This is standard HTTP Basic Auth encoding, not cryptographic weakness.
Проблемы среднего риска (3)
SKILL.md:32-38references/github-actions-ci.md:71-72references/chr-licensing.md:36
Network Access to External URLs
Skill downloads CHR images from MikroTik infrastructure. URLs point to download.mikrotik.com and cdn.mikrotik.com for official RouterOS images.
references/github-actions-ci.md:11SKILL.md:69
Device File Access for Virtualization
/dev/kvm access for KVM acceleration detection. This is standard practice for virtualization tooling.
references/github-actions-ci.md:110-238SKILL.md:104-148
Temp Directory Access
/tmp used for QEMU vars files, serial sockets, and log files. Standard temp file usage for VM management.
Проблемы низкого риска (2)
SKILL.md:110-270references/github-actions-ci.md:130-232
Hardcoded IP Addresses (Localhost)
127.0.0.1 used for RouterOS REST API and port forwarding. Standard localhost addressing.
SKILL.md:24-45references/known-issues.md:35
System Information Commands (Acceleration Detection)
uname, sysctl, and stat commands used for platform detection. Standard virtualization tooling practice.

Факторы риска

⚙️ Внешние команды (3)
SKILL.md:66-83 references/github-actions-ci.md:34-48 references/github-actions-ci.md:103
🌐 Доступ к сети (2)
SKILL.md:32-38 references/github-actions-ci.md:71-72
📁 Доступ к файловой системе (2)
SKILL.md:69 references/github-actions-ci.md:11

Версия аудита 1

Безопасно

Mar 30, 2026, 02:11 AM

Static analysis detected 303 potential security issues in code examples and documentation. All findings are false positives: external commands are legitimate QEMU invocations for virtualization, network operations access official MikroTik servers, and filesystem operations are standard QEMU configuration patterns. No malicious intent detected.

4
Просканировано файлов
668
Проанализировано строк
3
находки
claude
Проверено
Проблем безопасности не найдено

Факторы риска

⚙️ Внешние команды (3)
references/github-actions-ci.md:19-20 references/github-actions-ci.md:31-33 SKILL.md:97-107
🌐 Доступ к сети (2)
SKILL.md:31-38 SKILL.md:258-272
📁 Доступ к файловой системе (2)
SKILL.md:69-71 SKILL.md:144-148
← Назад к навыку