Skills api-testing Audit History
๐Ÿงช

Audit History

api-testing - 6 audits

Audit version 6

Latest Low Risk

Jan 21, 2026, 04:43 PM

All static findings are false positives. The scanner incorrectly flagged regex functions (re.match/re.search) as weak cryptographic algorithms. Environment variable references and hardcoded URLs are documentation examples for test configuration, not credential exposure. The skill follows standard API testing patterns with no malicious behavior.

3
Files scanned
1,597
Lines analyzed
0
findings
claude
Audited by
No security issues found

Audit version 5

Medium Risk

Jan 16, 2026, 05:17 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

3
Files scanned
949
Lines analyzed
4
findings
claude
Audited by
No security issues found

Risk Factors

๐ŸŒ Network access (3)
skill-report.json:6 SKILL.md:438 SKILL.md:457
๐Ÿ“ Filesystem access (1)
skill-report.json:6
โš™๏ธ External commands (26)
SKILL.md:24-50 SKILL.md:50-56 SKILL.md:56-137 SKILL.md:137-141 SKILL.md:141-209 SKILL.md:209-213 SKILL.md:213-374 SKILL.md:374-378 SKILL.md:378-420 SKILL.md:420-426 SKILL.md:426-461 SKILL.md:461-465 SKILL.md:465-547 SKILL.md:547-551 SKILL.md:551-611 SKILL.md:611-615 SKILL.md:615-628 SKILL.md:628-643 SKILL.md:643-655 SKILL.md:655-659 SKILL.md:659-688 SKILL.md:688-694 SKILL.md:694-695 SKILL.md:695-696 SKILL.md:696-697 SKILL.md:697-698
๐Ÿ”‘ Env variables (10)
SKILL.md:433 SKILL.md:434 SKILL.md:435 SKILL.md:458 SKILL.md:433 SKILL.md:434 SKILL.md:435 SKILL.md:458 SKILL.md:72 SKILL.md:74

Detected Patterns

Weak cryptographic algorithmSystem reconnaissanceHardcoded URLHidden file accessRuby/shell backtick executionEnvironment variable access (dot notation)Environment variable objectDatabase connection stringsEnvironment file accessCertificate/key filesSQLite database file[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

Audit version 4

Medium Risk

Jan 16, 2026, 05:17 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

3
Files scanned
949
Lines analyzed
4
findings
claude
Audited by
No security issues found

Risk Factors

๐ŸŒ Network access (3)
skill-report.json:6 SKILL.md:438 SKILL.md:457
๐Ÿ“ Filesystem access (1)
skill-report.json:6
โš™๏ธ External commands (26)
SKILL.md:24-50 SKILL.md:50-56 SKILL.md:56-137 SKILL.md:137-141 SKILL.md:141-209 SKILL.md:209-213 SKILL.md:213-374 SKILL.md:374-378 SKILL.md:378-420 SKILL.md:420-426 SKILL.md:426-461 SKILL.md:461-465 SKILL.md:465-547 SKILL.md:547-551 SKILL.md:551-611 SKILL.md:611-615 SKILL.md:615-628 SKILL.md:628-643 SKILL.md:643-655 SKILL.md:655-659 SKILL.md:659-688 SKILL.md:688-694 SKILL.md:694-695 SKILL.md:695-696 SKILL.md:696-697 SKILL.md:697-698
๐Ÿ”‘ Env variables (10)
SKILL.md:433 SKILL.md:434 SKILL.md:435 SKILL.md:458 SKILL.md:433 SKILL.md:434 SKILL.md:435 SKILL.md:458 SKILL.md:72 SKILL.md:74

Detected Patterns

Weak cryptographic algorithmSystem reconnaissanceHardcoded URLHidden file accessRuby/shell backtick executionEnvironment variable access (dot notation)Environment variable objectDatabase connection stringsEnvironment file accessCertificate/key filesSQLite database file[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

Audit version 3

Safe

Jan 10, 2026, 10:50 AM

Pure documentation skill with no executable code. The verify.py script is a read-only validation utility with no network access, no file writes, and no command execution capabilities.

2
Files scanned
762
Lines analyzed
0
findings
claude
Audited by
No security issues found

Audit version 2

Safe

Jan 10, 2026, 10:50 AM

Pure documentation skill with no executable code. The verify.py script is a read-only validation utility with no network access, no file writes, and no command execution capabilities.

2
Files scanned
762
Lines analyzed
0
findings
claude
Audited by
No security issues found

Audit version 1

Safe

Jan 10, 2026, 10:50 AM

Pure documentation skill with no executable code. The verify.py script is a read-only validation utility with no network access, no file writes, and no command execution capabilities.

2
Files scanned
762
Lines analyzed
0
findings
claude
Audited by
No security issues found
โ† Back to Skill