技能 dependency-upgrade 审计历史
📦

审计历史

dependency-upgrade - 5 审计

审计版本 5

最新 低风险

Jan 21, 2026, 07:15 PM

This skill provides documentation and guidance for dependency management workflows. All static findings are false positives: the external commands are example bash/npm commands in documentation, filesystem operations are example migration scripts, and weak crypto detections are from the word 'MD5' in version strings. The skill contains no executable code and poses no security risk.

2
已扫描文件
1,190
分析行数
1
发现项
claude
审计者
低风险问题 (1)
SKILL.md:22-376
Documentation Contains Command Examples
The SKILL.md file contains numerous example bash commands for dependency management (npm, yarn, git). These are educational examples showing proper dependency upgrade workflows, not executable code. Users must manually execute these commands in their own environments.

审计版本 4

中风险

Jan 17, 2026, 08:22 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

2
已扫描文件
586
分析行数
3
发现项
claude
审计者
未发现安全问题

风险因素

🌐 网络访问 (2)
skill-report.json:6 SKILL.md:162
⚙️ 外部命令 (42)
SKILL.md:22-32 SKILL.md:32-37 SKILL.md:37-50 SKILL.md:50-53 SKILL.md:53-64 SKILL.md:64-68 SKILL.md:68-93 SKILL.md:93-98 SKILL.md:98-112 SKILL.md:112-115 SKILL.md:115-135 SKILL.md:135-138 SKILL.md:138-152 SKILL.md:152-157 SKILL.md:157-163 SKILL.md:163-166 SKILL.md:166-175 SKILL.md:175-178 SKILL.md:178-202 SKILL.md:202-207 SKILL.md:207-213 SKILL.md:213-216 SKILL.md:216-229 SKILL.md:229-232 SKILL.md:232-240 SKILL.md:240-243 SKILL.md:243-254 SKILL.md:254-259 SKILL.md:259-277 SKILL.md:277-280 SKILL.md:280-294 SKILL.md:294-298 SKILL.md:298-320 SKILL.md:320-325 SKILL.md:325-333 SKILL.md:333-336 SKILL.md:336-342 SKILL.md:342-345 SKILL.md:345-351 SKILL.md:351-376 SKILL.md:376-399 SKILL.md:300
📁 文件系统访问 (4)
SKILL.md:185 SKILL.md:199 SKILL.md:185 SKILL.md:199

检测到的模式

Hardcoded URLWeak cryptographic algorithmRuby/shell backtick executionUnix shell invocationNode.js fs operationsSynchronous file operations

审计版本 3

中风险

Jan 17, 2026, 08:22 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

2
已扫描文件
586
分析行数
3
发现项
claude
审计者
未发现安全问题

风险因素

🌐 网络访问 (2)
skill-report.json:6 SKILL.md:162
⚙️ 外部命令 (42)
SKILL.md:22-32 SKILL.md:32-37 SKILL.md:37-50 SKILL.md:50-53 SKILL.md:53-64 SKILL.md:64-68 SKILL.md:68-93 SKILL.md:93-98 SKILL.md:98-112 SKILL.md:112-115 SKILL.md:115-135 SKILL.md:135-138 SKILL.md:138-152 SKILL.md:152-157 SKILL.md:157-163 SKILL.md:163-166 SKILL.md:166-175 SKILL.md:175-178 SKILL.md:178-202 SKILL.md:202-207 SKILL.md:207-213 SKILL.md:213-216 SKILL.md:216-229 SKILL.md:229-232 SKILL.md:232-240 SKILL.md:240-243 SKILL.md:243-254 SKILL.md:254-259 SKILL.md:259-277 SKILL.md:277-280 SKILL.md:280-294 SKILL.md:294-298 SKILL.md:298-320 SKILL.md:320-325 SKILL.md:325-333 SKILL.md:333-336 SKILL.md:336-342 SKILL.md:342-345 SKILL.md:345-351 SKILL.md:351-376 SKILL.md:376-399 SKILL.md:300
📁 文件系统访问 (4)
SKILL.md:185 SKILL.md:199 SKILL.md:185 SKILL.md:199

检测到的模式

Hardcoded URLWeak cryptographic algorithmRuby/shell backtick executionUnix shell invocationNode.js fs operationsSynchronous file operations

审计版本 2

安全

Jan 4, 2026, 05:06 PM

Pure documentation skill providing guidance on dependency upgrades. Contains no executable code, network calls, file access, or command execution. All commands shown are illustrative examples for user reference.

4
已扫描文件
605
分析行数
0
发现项
claude
审计者
未发现安全问题

审计版本 1

安全

Jan 4, 2026, 05:06 PM

Pure documentation skill providing guidance on dependency upgrades. Contains no executable code, network calls, file access, or command execution. All commands shown are illustrative examples for user reference.

4
已扫描文件
605
分析行数
0
发现项
claude
审计者
未发现安全问题
← 返回技能