Skills incident-runbook-templates Audit History
🚨

Audit History

incident-runbook-templates - 4 audits

Audit version 4

Latest Safe

Jan 17, 2026, 09:28 AM

Pure documentation skill containing only static markdown templates. No executable code, no file system access, no network calls. All 70 static findings are false positives: markdown code blocks were misidentified as Ruby/shell backticks, example URLs were flagged as hardcoded network addresses, and SQL/YAML content was misidentified as weak cryptographic algorithms. The skill generates text templates only.

2
Files scanned
589
Lines analyzed
3
findings
claude
Audited by
No security issues found

Risk Factors

⚙️ External commands (40)
skill-report.json:67 SKILL.md:32-42 SKILL.md:42-48 SKILL.md:48-65 SKILL.md:65-66 SKILL.md:66-67 SKILL.md:67-77 SKILL.md:77-86 SKILL.md:86-89 SKILL.md:89-105 SKILL.md:105-123 SKILL.md:123-126 SKILL.md:126-147 SKILL.md:147-150 SKILL.md:150-167 SKILL.md:167-170 SKILL.md:170-200 SKILL.md:200-203 SKILL.md:203-215 SKILL.md:215-218 SKILL.md:218-228 SKILL.md:228-242 SKILL.md:242-257 SKILL.md:257-260 SKILL.md:260-276 SKILL.md:276-279 SKILL.md:279-293 SKILL.md:293-294 SKILL.md:294-298 SKILL.md:298-304 SKILL.md:304-305 SKILL.md:305-306 SKILL.md:306-307 SKILL.md:307-310 SKILL.md:310-328 SKILL.md:328-331 SKILL.md:331-343 SKILL.md:343-346 SKILL.md:346-360 SKILL.md:360-361
🌐 Network access (19)
skill-report.json:6 skill-report.json:67 SKILL.md:70 SKILL.md:71 SKILL.md:72 SKILL.md:85 SKILL.md:89 SKILL.md:142 SKILL.md:156 SKILL.md:159 SKILL.md:205 SKILL.md:208 SKILL.md:211 SKILL.md:226 SKILL.md:381 SKILL.md:382 SKILL.md:383 SKILL.md:196 SKILL.md:198
📁 Filesystem access (1)
SKILL.md:142

Audit version 3

Safe

Jan 17, 2026, 09:28 AM

Pure documentation skill containing only static markdown templates. No executable code, no file system access, no network calls. All 70 static findings are false positives: markdown code blocks were misidentified as Ruby/shell backticks, example URLs were flagged as hardcoded network addresses, and SQL/YAML content was misidentified as weak cryptographic algorithms. The skill generates text templates only.

2
Files scanned
589
Lines analyzed
3
findings
claude
Audited by
No security issues found

Risk Factors

⚙️ External commands (40)
skill-report.json:67 SKILL.md:32-42 SKILL.md:42-48 SKILL.md:48-65 SKILL.md:65-66 SKILL.md:66-67 SKILL.md:67-77 SKILL.md:77-86 SKILL.md:86-89 SKILL.md:89-105 SKILL.md:105-123 SKILL.md:123-126 SKILL.md:126-147 SKILL.md:147-150 SKILL.md:150-167 SKILL.md:167-170 SKILL.md:170-200 SKILL.md:200-203 SKILL.md:203-215 SKILL.md:215-218 SKILL.md:218-228 SKILL.md:228-242 SKILL.md:242-257 SKILL.md:257-260 SKILL.md:260-276 SKILL.md:276-279 SKILL.md:279-293 SKILL.md:293-294 SKILL.md:294-298 SKILL.md:298-304 SKILL.md:304-305 SKILL.md:305-306 SKILL.md:306-307 SKILL.md:307-310 SKILL.md:310-328 SKILL.md:328-331 SKILL.md:331-343 SKILL.md:343-346 SKILL.md:346-360 SKILL.md:360-361
🌐 Network access (19)
skill-report.json:6 skill-report.json:67 SKILL.md:70 SKILL.md:71 SKILL.md:72 SKILL.md:85 SKILL.md:89 SKILL.md:142 SKILL.md:156 SKILL.md:159 SKILL.md:205 SKILL.md:208 SKILL.md:211 SKILL.md:226 SKILL.md:381 SKILL.md:382 SKILL.md:383 SKILL.md:196 SKILL.md:198
📁 Filesystem access (1)
SKILL.md:142

Audit version 2

Low Risk

Jan 4, 2026, 04:31 PM

Pure documentation skill with static markdown templates. No executable code, no file access, no network calls. Contains example commands for user reference only. Low risk due to embedded example endpoints that require manual copy-paste to execute.

4
Files scanned
633
Lines analyzed
2
findings
claude
Audited by
Low Risk Issues (1)
SKILL.md:85
Example network requests in templates
The templates include example network calls such as `curl -s "http://prometheus:9090/api/v1/query?query=sum(rate(http_requests_total{status=~'5..'}[5m]))"`. These are not executed by the skill, but could be copied and run against internal services. Users must review and customize endpoints before use.

Risk Factors

🌐 Network access (2)
SKILL.md:70-72 SKILL.md:85-89

Audit version 1

Low Risk

Jan 4, 2026, 04:31 PM

Pure documentation skill with static markdown templates. No executable code, no file access, no network calls. Contains example commands for user reference only. Low risk due to embedded example endpoints that require manual copy-paste to execute.

4
Files scanned
633
Lines analyzed
2
findings
claude
Audited by
Low Risk Issues (1)
SKILL.md:85
Example network requests in templates
The templates include example network calls such as `curl -s "http://prometheus:9090/api/v1/query?query=sum(rate(http_requests_total{status=~'5..'}[5m]))"`. These are not executed by the skill, but could be copied and run against internal services. Users must review and customize endpoints before use.

Risk Factors

🌐 Network access (2)
SKILL.md:70-72 SKILL.md:85-89
← Back to Skill