Skills buddy-sings Audit History
📦

Audit History

buddy-sings - 2 audits

Audit version 2

Latest Medium Risk

May 27, 2026, 05:28 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

1
Files scanned
446
Lines analyzed
3
findings
claude
Audited by
No security issues found

Risk Factors

⚙️ External commands (59)
SKILL.md:24-26 SKILL.md:26-29 SKILL.md:29-31 SKILL.md:31-35 SKILL.md:35-36 SKILL.md:36-37 SKILL.md:37-43 SKILL.md:43-45 SKILL.md:45-75 SKILL.md:75 SKILL.md:75-79 SKILL.md:79-81 SKILL.md:81-86 SKILL.md:86-87 SKILL.md:87-91 SKILL.md:91-95 SKILL.md:95-116 SKILL.md:116-119 SKILL.md:119-123 SKILL.md:123-129 SKILL.md:129-131 SKILL.md:131-138 SKILL.md:138-142 SKILL.md:142-145 SKILL.md:145 SKILL.md:145-153 SKILL.md:153-161 SKILL.md:161-191 SKILL.md:191-193 SKILL.md:193-194 SKILL.md:194-198 SKILL.md:198-200 SKILL.md:200-215 SKILL.md:215-222 SKILL.md:222-244 SKILL.md:244-251 SKILL.md:252-273 SKILL.md:273-276 SKILL.md:276-279 SKILL.md:279-299 SKILL.md:299-301 SKILL.md:301-323 SKILL.md:323-324 SKILL.md:324-327 SKILL.md:327-339 SKILL.md:339-356 SKILL.md:356-364 SKILL.md:364-370 SKILL.md:370-373 SKILL.md:373-379 SKILL.md:379-389 SKILL.md:389-399 SKILL.md:399-411 SKILL.md:411-418 SKILL.md:418-426 SKILL.md:426 SKILL.md:426-427 SKILL.md:427-428 SKILL.md:428-444
🌐 Network access (2)
SKILL.md:188 SKILL.md:32
📁 Filesystem access (17)
SKILL.md:75 SKILL.md:129 SKILL.md:145 SKILL.md:192 SKILL.md:194 SKILL.md:426 SKILL.md:75 SKILL.md:129 SKILL.md:145 SKILL.md:192 SKILL.md:194 SKILL.md:426 SKILL.md:192 SKILL.md:199 SKILL.md:390 SKILL.md:392 SKILL.md:394

Detected Patterns

Ruby/shell backtick executionPython HTTP librariesHardcoded URLHidden file in home directoryHidden file accessStandard device file accessWeak cryptographic algorithmSystem reconnaissance

Audit version 1

Safe

Apr 16, 2026, 06:07 AM

All 99 static analysis findings are false positives. The scanner misinterpreted markdown code fences (```bash) in SKILL.md as Ruby backtick execution. The file is documentation containing legitimate shell command examples for AI agent use, such as mmx CLI music generation, git log queries, and audio playback commands. No malicious patterns, credential exfiltration, or user input injection vectors were found. The skill is safe for publication.

1
Files scanned
446
Lines analyzed
0
findings
claude
Audited by
No security issues found
← Back to Skill