技能 root-cause-tracing 审计历史
🔍

审计历史

root-cause-tracing - 6 审计

审计版本 6

最新 安全

Jan 21, 2026, 07:48 PM

The skill is legitimate debugging methodology documentation. Static findings are false positives triggered by example shell commands in documentation (npm test, grep) and a bisection script for test pollution detection. SHA256 hash strings in the report were misidentified as cryptographic vulnerabilities or C2 keywords. No malicious intent or actual security risks present.

3
已扫描文件
919
分析行数
2
发现项
claude
审计者
未发现安全问题

风险因素

⚙️ 外部命令 (33)
find-polluter.sh:22 find-polluter.sh:23 find-polluter.sh:30 find-polluter.sh:1 SKILL.md:16-29 SKILL.md:29-40 SKILL.md:40-42 SKILL.md:42-46 SKILL.md:46-48 SKILL.md:48-51 SKILL.md:51-56 SKILL.md:56-60 SKILL.md:60-61 SKILL.md:61 SKILL.md:61-66 SKILL.md:66-69 SKILL.md:69-75 SKILL.md:75-88 SKILL.md:88-90 SKILL.md:90-93 SKILL.md:93-95 SKILL.md:95-108 SKILL.md:108-110 SKILL.md:110-116 SKILL.md:116 SKILL.md:116-119 SKILL.md:119 SKILL.md:119-122 SKILL.md:122-123 SKILL.md:123-137 SKILL.md:137-157 SKILL.md:157-163 SKILL.md:163-166
📁 文件系统访问 (2)
find-polluter.sh:42 skill-report.json:6

审计版本 5

中风险

Jan 17, 2026, 04:52 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

3
已扫描文件
452
分析行数
4
发现项
claude
审计者
未发现安全问题

风险因素

⚙️ 外部命令 (33)
find-polluter.sh:22 find-polluter.sh:23 find-polluter.sh:30 find-polluter.sh:1 SKILL.md:16-29 SKILL.md:29-40 SKILL.md:40-42 SKILL.md:42-46 SKILL.md:46-48 SKILL.md:48-51 SKILL.md:51-56 SKILL.md:56-60 SKILL.md:60-61 SKILL.md:61 SKILL.md:61-66 SKILL.md:66-69 SKILL.md:69-75 SKILL.md:75-88 SKILL.md:88-90 SKILL.md:90-93 SKILL.md:93-95 SKILL.md:95-108 SKILL.md:108-110 SKILL.md:110-116 SKILL.md:116 SKILL.md:116-119 SKILL.md:119 SKILL.md:119-122 SKILL.md:122-123 SKILL.md:123-137 SKILL.md:137-157 SKILL.md:157-163 SKILL.md:163-166
📁 文件系统访问 (2)
find-polluter.sh:42 skill-report.json:6
🌐 网络访问 (1)
skill-report.json:6
🔑 环境变量 (2)
SKILL.md:82 SKILL.md:82

检测到的模式

Shell command substitutionUnix shell invocationStandard device file accessHardcoded URLHidden file accessC2 keywordsWeak cryptographic algorithmSystem reconnaissanceRuby/shell backtick executionEnvironment variable access (dot notation)Environment variable objectEnvironment file access[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

审计版本 4

中风险

Jan 17, 2026, 04:52 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

3
已扫描文件
452
分析行数
4
发现项
claude
审计者
未发现安全问题

风险因素

⚙️ 外部命令 (33)
find-polluter.sh:22 find-polluter.sh:23 find-polluter.sh:30 find-polluter.sh:1 SKILL.md:16-29 SKILL.md:29-40 SKILL.md:40-42 SKILL.md:42-46 SKILL.md:46-48 SKILL.md:48-51 SKILL.md:51-56 SKILL.md:56-60 SKILL.md:60-61 SKILL.md:61 SKILL.md:61-66 SKILL.md:66-69 SKILL.md:69-75 SKILL.md:75-88 SKILL.md:88-90 SKILL.md:90-93 SKILL.md:93-95 SKILL.md:95-108 SKILL.md:108-110 SKILL.md:110-116 SKILL.md:116 SKILL.md:116-119 SKILL.md:119 SKILL.md:119-122 SKILL.md:122-123 SKILL.md:123-137 SKILL.md:137-157 SKILL.md:157-163 SKILL.md:163-166
📁 文件系统访问 (2)
find-polluter.sh:42 skill-report.json:6
🌐 网络访问 (1)
skill-report.json:6
🔑 环境变量 (2)
SKILL.md:82 SKILL.md:82

检测到的模式

Shell command substitutionUnix shell invocationStandard device file accessHardcoded URLHidden file accessC2 keywordsWeak cryptographic algorithmSystem reconnaissanceRuby/shell backtick executionEnvironment variable access (dot notation)Environment variable objectEnvironment file access[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access[HEURISTIC] SUSPICIOUS COMBINATION: Filesystem + Credentials + Network

审计版本 3

低风险

Jan 10, 2026, 01:31 PM

Documentation-based debugging methodology skill with a helper bash script for test bisection. No malicious patterns detected. Shell script runs npm test which is expected behavior for test debugging tools.

2
已扫描文件
239
分析行数
2
发现项
claude
审计者
未发现安全问题

风险因素

⚡ 包含脚本 (1)
find-polluter.sh:1-64
⚙️ 外部命令 (1)
find-polluter.sh:42

审计版本 2

低风险

Jan 10, 2026, 01:31 PM

Documentation-based debugging methodology skill with a helper bash script for test bisection. No malicious patterns detected. Shell script runs npm test which is expected behavior for test debugging tools.

2
已扫描文件
239
分析行数
2
发现项
claude
审计者
未发现安全问题

风险因素

⚡ 包含脚本 (1)
find-polluter.sh:1-64
⚙️ 外部命令 (1)
find-polluter.sh:42

审计版本 1

低风险

Jan 10, 2026, 01:31 PM

Documentation-based debugging methodology skill with a helper bash script for test bisection. No malicious patterns detected. Shell script runs npm test which is expected behavior for test debugging tools.

2
已扫描文件
239
分析行数
2
发现项
claude
审计者
未发现安全问题

风险因素

⚡ 包含脚本 (1)
find-polluter.sh:1-64
⚙️ 外部命令 (1)
find-polluter.sh:42
← 返回技能