Audit History - docs-review

Audit version 6

Latest Safe

Jan 21, 2026, 06:04 PM

This skill is a documentation review tool that checks markdown files against the Metabase writing style guide. All 40 static findings were false positives from pattern matching on documentation content. The skill legitimately uses Read, Grep, Glob, and Bash tools for reviewing documentation changes in pull requests or local files. No actual security risks identified.

2

Files scanned

642

Lines analyzed

0

findings

claude

Audited by

No security issues found

Audit version 5

Medium Risk

Jan 17, 2026, 06:31 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

2

Files scanned

444

Lines analyzed

3

findings

claude

Audited by

No security issues found

Risk Factors

🌐 Network access (1)

skill-report.json:6

📁 Filesystem access (1)

skill-report.json:6

⚙️ External commands (13)

SKILL.md:97 SKILL.md:106 SKILL.md:172-186 SKILL.md:186-202 SKILL.md:202-205 SKILL.md:205-212 SKILL.md:212-215 SKILL.md:215-218 SKILL.md:218-219 SKILL.md:219-225 SKILL.md:225-229 SKILL.md:229-234 SKILL.md:234-244

Detected Patterns

Hardcoded URLHidden file accessC2 keywordsWeak cryptographic algorithmSystem reconnaissanceRuby/shell backtick executionNetwork reconnaissance

Audit version 4

Medium Risk

Jan 17, 2026, 06:31 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

2

Files scanned

444

Lines analyzed

3

findings

claude

Audited by

No security issues found

Risk Factors

🌐 Network access (1)

skill-report.json:6

📁 Filesystem access (1)

skill-report.json:6

⚙️ External commands (13)

SKILL.md:97 SKILL.md:106 SKILL.md:172-186 SKILL.md:186-202 SKILL.md:202-205 SKILL.md:205-212 SKILL.md:212-215 SKILL.md:215-218 SKILL.md:218-219 SKILL.md:219-225 SKILL.md:225-229 SKILL.md:229-234 SKILL.md:234-244

Detected Patterns

Hardcoded URLHidden file accessC2 keywordsWeak cryptographic algorithmSystem reconnaissanceRuby/shell backtick executionNetwork reconnaissance

Audit version 3

Safe

Jan 9, 2026, 04:07 AM

This is a pure prompt-based documentation review skill with no executable code. The allowed tools (Read, Grep, Bash, Glob) are appropriate for reviewing markdown files. Behavior matches stated purpose of style guide compliance checking.

2

Files scanned

165

Lines analyzed

2

findings

claude

Audited by

No security issues found

Risk Factors

📁 Filesystem access (1)

SKILL.md:4

⚙️ External commands (1)

SKILL.md:4

Audit version 2

Safe

Jan 9, 2026, 04:07 AM

This is a pure prompt-based documentation review skill with no executable code. The allowed tools (Read, Grep, Bash, Glob) are appropriate for reviewing markdown files. Behavior matches stated purpose of style guide compliance checking.

2

Files scanned

165

Lines analyzed

2

findings

claude

Audited by

No security issues found

Risk Factors

📁 Filesystem access (1)

SKILL.md:4

⚙️ External commands (1)

SKILL.md:4

Audit version 1

Safe

Jan 9, 2026, 04:07 AM

This is a pure prompt-based documentation review skill with no executable code. The allowed tools (Read, Grep, Bash, Glob) are appropriate for reviewing markdown files. Behavior matches stated purpose of style guide compliance checking.

2

Files scanned

165

Lines analyzed

2

findings

claude

Audited by

No security issues found

Risk Factors

📁 Filesystem access (1)

SKILL.md:4

⚙️ External commands (1)

SKILL.md:4