Audit History
chinese-learning-assistant - 5 audits
Audit version 5
Latest Low RiskJun 27, 2026, 11:13 AM
Static analysis reported many Ruby backtick, weak cryptography, and high-entropy findings. Manual review found these are false positives from Markdown code fences, inline search-query examples, and Japanese or Chinese instructional text, not executable code or obfuscation. The only meaningful operational risk is low: the skill asks the assistant to use web search for real language examples, so users should avoid submitting private text.
Low Risk Issues (4)
Risk Factors
Audit version 4
SafeJan 21, 2026, 02:47 PM
Evaluated 5 files (2500 lines). Static findings are false positives: backtick patterns in markdown are documentation formatting and search query examples, not shell execution. No malicious code detected. Skill is a legitimate Chinese language learning tool with standard web search capability for finding authentic usage examples.
Risk Factors
⚙️ External commands (5)
Audit version 3
Medium RiskJan 16, 2026, 12:08 PM
AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.
Risk Factors
⚙️ External commands (68)
Detected Patterns
Audit version 2
Medium RiskJan 16, 2026, 12:08 PM
AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.
Risk Factors
⚙️ External commands (68)
Detected Patterns
Audit version 1
SafeJan 10, 2026, 08:40 AM
This is a pure prompt-based skill with no code execution capabilities. It guides AI behavior for Chinese language learning assistance. The skill instructs AI to use web search for finding real-world expression examples, which is legitimate educational use. No filesystem access, network code, or external commands are present.