Skills routeros-netinstall Audit History
📦

Audit History

routeros-netinstall - 3 audits

Audit version 3

Latest Low Risk

May 9, 2026, 03:48 PM

This skill is a documentation guide for MikroTik RouterOS netinstall-cli. Static analysis flagged 107 potential issues, but evaluation shows all are false positives. The skill documents a legitimate network administration tool with external command references being markdown documentation syntax, not executable code. Hardcoded URLs are legitimate MikroTik download endpoints. No prompt injection or malicious patterns detected.

1
Files scanned
210
Lines analyzed
6
findings
claude
Audited by

High Risk Issues (1)

SKILL.md:106-108SKILL.md:133SKILL.md:206-209
Hardcoded MikroTik Download URLs
The skill contains hardcoded URLs to download.mikrotik.com for RouterOS packages and netinstall-cli binaries. These are legitimate vendor endpoints used for network administration.
Medium Risk Issues (1)
SKILL.md:8SKILL.md:136-139SKILL.md:144-145SKILL.md:152-154SKILL.md:159-161SKILL.md:172-175
Markdown Code Fenced Shell Commands
The skill contains shell command examples using backtick syntax and fenced code blocks. These are documentation examples for netinstall-cli usage, not executable code.
Low Risk Issues (2)
SKILL.md:144
Hardcoded Network Configuration Examples
The skill documents network configuration examples including IP addresses (192.168.88.2/24) for netinstall server setup.
SKILL.md:181-191
Etherboot Entry Methods Documentation
The skill documents device recovery methods including reset button, serial console, and RouterOS settings for entering etherboot mode.

Risk Factors

⚙️ External commands (6)
SKILL.md:8 SKILL.md:136 SKILL.md:144 SKILL.md:152 SKILL.md:159 SKILL.md:172
🌐 Network access (7)
SKILL.md:106 SKILL.md:107 SKILL.md:108 SKILL.md:133 SKILL.md:206 SKILL.md:207 SKILL.md:209

Audit version 2

Safe

Apr 16, 2026, 09:09 PM

This skill is a documentation-only SKILL.md file (252 lines) describing MikroTik RouterOS netinstall-cli usage. The static analyzer flagged 124 patterns, but all are false positives from misinterpreting markdown formatting. Backtick-enclosed text (e.g., `netinstall-cli`) is markdown inline code formatting, not Ruby/shell execution. Sudo references, shell command substitution examples, and network URLs appear in documented code examples and reference links. The file contains no executable code, no secrets, and no malicious patterns. Safe for publication.

1
Files scanned
252
Lines analyzed
0
findings
claude
Audited by
No security issues found

Audit version 1

Low Risk

Mar 30, 2026, 02:08 AM

This is a documentation/information skill providing guidance on MikroTik netinstall-cli usage. All 113 static analyzer flags are false positives or misclassifications. The backtick patterns are Makefile syntax in documentation examples. Sudo usage is legitimate (tool requires root for privileged BOOTP/TFTP ports). No cryptographic algorithms are implemented. The skill poses no security risk to users.

1
Files scanned
235
Lines analyzed
8
findings
claude
Audited by
Medium Risk Issues (1)
SKILL.md:167-168SKILL.md:179SKILL.md:189SKILL.md:202
Misclassified sudo privilege escalation
Static analyzer flagged 'sudo netinstall-cli' usage as privilege escalation. This is FALSE POSITIVE - the netinstall-cli tool legitimately requires root privileges for BOOTP (ports 67/68) and TFTP (port 69) network operations. Documentation correctly shows proper sudo usage for this sysadmin tool.
Low Risk Issues (4)
SKILL.md:144-149SKILL.md:146-147
Documentation examples containing Makefile syntax
Static analyzer flagged '$(shell ...)' as Ruby backtick execution. This is FALSE POSITIVE - lines 144-149 contain Makefile documentation showing version resolution patterns, not executable code.
SKILL.md:112-114SKILL.md:147SKILL.md:234
Hardcoded MikroTik download URLs
Static analyzer flagged hardcoded URLs to download.mikrotik.com and upgrade.mikrotik.com. These are legitimate official MikroTik download endpoints for RouterOS packages - not security concerns.
SKILL.md:169
Example IP address in documentation
Line 169 shows example IP 192.168.88.2/24 for network configuration documentation. Standard practice for documentation - no actual IP scanning or network probing.
SKILL.md:109SKILL.md:140
Markdown relative path references flagged as path traversal
Lines 109 and 140 reference '../routeros-fundamentals/references/version-parsing.md' as markdown links to other skill documentation. This is standard cross-referencing, not path traversal vulnerability.

Risk Factors

⚙️ External commands (1)
SKILL.md:144-149
🌐 Network access (1)
SKILL.md:112-114
📁 Filesystem access (1)
SKILL.md:109

Detected Patterns

Static analyzer misclassified keywords as crypto weakness
← Back to Skill