
Audit history

analyzing-component-quality: 6 audits

Audit version 6

Latest: Medium risk

Jun 28, 2026, 06:06 PM

Static analysis reported many command, weak-crypto, credential, and network patterns, but review found most are markdown examples or scoring text. No prompt injection, obfuscation, credential access, or network exfiltration was found. The remaining concern is that the skill grants Bash and ships a helper script that reads a caller-provided local path.

Files scanned: 3
Lines analyzed: 1,431
Findings: 8
Auditor: codex

Medium-risk issues (1)
Bash Tool and Local Script Execution
The skill grants Bash and documents running quality-scorer.py with a caller-provided path. The helper script reads local component files and prints a report, but Bash permission increases risk if future instructions use untrusted input unsafely.
Low-risk issues (3)
Static Weak-Crypto and SAM Findings Are False Positives
The reported weak-cryptography and Windows SAM matches occur in descriptive text, scoring labels, and output formatting. No evidence found of cryptographic functions, SAM database reads, password dumping, or credential collection.
Markdown Command Examples Are Not Runtime Shell Execution
Many external-command detections are fenced markdown examples and inline tool lists. They explain how to assess components and do not execute by themselves.
Documentation URL Does Not Indicate Network Exfiltration
The only network indicator is a documentation link to Claude Code Plugin Documentation. No evidence found that the skill or Python script performs HTTP requests.

Detected patterns

Bash Permission Declared
User-Supplied Path Read by Helper Script
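The medium-risk finding above is about a helper script that opens whatever local path the caller hands it. The block below is an added example, not the skill's own quality-scorer.py and not code from the audited project; it shows the check a practitioner would want in such a helper: canonicalize the caller-supplied path (following symlinks and collapsing `..`), require it to land under an allowed component root, and refuse directories, missing files and oversized inputs. The names `confine_path`, `read_component`, `PathEscapeError` and the directory tree built in `demo()` are all invented here for illustration.

```python
"""Hardened handling of a caller-supplied path for a helper that reads local files.

Added example; not the skill's quality-scorer.py. All names below are hypothetical.
"""
from __future__ import annotations

import os
import tempfile
from pathlib import Path


class PathEscapeError(ValueError):
    """The supplied path does not resolve to a regular file under the allowed root."""


def confine_path(root: str | os.PathLike[str], user_path: str) -> Path:
    """Canonicalize user_path and require it to land under root.

    Both sides are resolved with strict=True, so symlinks are followed and
    ".." segments collapsed before the containment check. A prefix comparison
    on the raw string would miss both a symlink escape and "../" traversal.
    """
    root_resolved = Path(root).resolve(strict=True)
    candidate = Path(user_path)
    if not candidate.is_absolute():
        candidate = root_resolved / candidate  # relative paths are taken below root
    try:
        resolved = candidate.resolve(strict=True)
    except (FileNotFoundError, RuntimeError) as exc:  # RuntimeError: symlink loop
        raise PathEscapeError(f"{user_path!r}: cannot resolve ({exc})") from None
    if not resolved.is_relative_to(root_resolved):
        raise PathEscapeError(f"{user_path!r} resolves to {resolved}, outside {root_resolved}")
    if not resolved.is_file():
        raise PathEscapeError(f"{user_path!r} is not a regular file")
    return resolved


def read_component(root: str | os.PathLike[str], user_path: str, max_bytes: int = 1_000_000) -> str:
    """Read a component file for scoring, refusing anything outside root or oversized."""
    path = confine_path(root, user_path)
    if path.stat().st_size > max_bytes:
        raise PathEscapeError(f"{user_path!r} exceeds {max_bytes} bytes")
    return path.read_text(encoding="utf-8", errors="replace")


def demo() -> dict[str, str]:
    """Exercise the check against a constructed directory tree (not real skill files)."""
    outcomes: dict[str, str] = {}
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        root = base / "components"
        root.mkdir()
        (root / "SKILL.md").write_text("# constructed sample skill\n", encoding="utf-8")
        secret = base / "secret.txt"  # sits beside the root, not under it
        secret.write_text("outside the root\n", encoding="utf-8")
        (root / "escape.md").symlink_to(secret)  # a symlink inside root pointing out of it

        cases = {
            "plain file": "SKILL.md",
            "dot-dot traversal": "../secret.txt",
            "symlink escape": "escape.md",
            "absolute path": str(secret),
            "missing file": "nope.md",
            "directory": ".",
        }
        for label, user_path in cases.items():
            try:
                read_component(root, user_path)
                outcomes[label] = "allowed"
            except PathEscapeError:
                outcomes[label] = "rejected"
    return outcomes


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label:20s} {outcome}")
```

Only the plain in-root file is read; the traversal, the symlink, the absolute path, the missing file and the directory are all rejected before any bytes are read. Resolving with `strict=True` is what makes the symlink case fail closed: the check runs on where the path actually points, not on how it was spelled.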

Audit version 5

Low risk

Jan 16, 2026, 07:29 PM

All 234 static findings are FALSE POSITIVES. The scanner incorrectly flagged documentation examples (YAML frontmatter with allowed-tools including Bash), educational security discussions, and security warning strings as actual security threats. The skill is a pure quality analysis tool with Read-only tool access. The quality-scorer.py script only reads local files for heuristic analysis and outputs text reports. No network operations, no external command execution, no credential access.

Files scanned: 4
Lines analyzed: 1,665
Findings: 2
Auditor: claude

No security issues found

Audit version 4

Low risk

Jan 16, 2026, 07:29 PM

All 234 static findings are FALSE POSITIVES. The scanner incorrectly flagged documentation examples (YAML frontmatter with allowed-tools including Bash), educational security discussions, and security warning strings as actual security threats. The skill is a pure quality analysis tool with Read-only tool access. The quality-scorer.py script only reads local files for heuristic analysis and outputs text reports. No network operations, no external command execution, no credential access.

Files scanned: 4
Lines analyzed: 1,665
Findings: 2
Auditor: claude

No security issues found

Audit version 3

Low risk

Jan 10, 2026, 11:44 AM

Pure quality analysis skill with no malicious capabilities. The Python script reads local files for heuristic analysis only. No network operations, no external command execution, no credential access.

Files scanned: 3
Lines analyzed: 481
Findings: 2
Auditor: claude

No security issues found

Audit version 2

Low risk

Jan 10, 2026, 11:44 AM

Pure quality analysis skill with no malicious capabilities. The Python script reads local files for heuristic analysis only. No network operations, no external command execution, no credential access.

Files scanned: 3
Lines analyzed: 481
Findings: 2
Auditor: claude

No security issues found

Audit version 1

Low risk

Jan 10, 2026, 11:44 AM

Pure quality analysis skill with no malicious capabilities. The Python script reads local files for heuristic analysis only. No network operations, no external command execution, no credential access.

Files scanned: 3
Lines analyzed: 481
Findings: 2
Auditor: claude

No security issues found