技能 hybrid-search-implementation 审计历史
🔍

审计历史

hybrid-search-implementation - 5 审计

审计版本 5

最新 安全

Jan 21, 2026, 07:22 PM

All static findings are false positives. The skill contains documentation templates for hybrid search algorithms (RRF, linear fusion) with PostgreSQL, Elasticsearch, and custom RAG pipelines. Static scanner misidentified mathematical formulas as crypto operations, markdown code fences as command execution, and benign terminology as security risks. No malicious code or credential exfiltration present.

2
已扫描文件
1,169
分析行数
2
发现项
claude
审计者
未发现安全问题

风险因素

⚡ 包含脚本 (1)
SKILL.md:41-110
📁 文件系统访问 (1)
SKILL.md:1-569

审计版本 4

中风险

Jan 17, 2026, 09:23 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

2
已扫描文件
764
分析行数
2
发现项
claude
审计者
未发现安全问题

风险因素

🌐 网络访问 (5)
skill-report.json:6 SKILL.md:173 SKILL.md:566 SKILL.md:567 SKILL.md:568
⚙️ 外部命令 (9)
SKILL.md:22-26 SKILL.md:26-41 SKILL.md:41-110 SKILL.md:110-114 SKILL.md:114-246 SKILL.md:246-250 SKILL.md:250-397 SKILL.md:397-401 SKILL.md:401-547

检测到的模式

Hardcoded URLWeak cryptographic algorithmSystem reconnaissanceRuby/shell backtick executionFetch API callCertificate/key files[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access

审计版本 3

中风险

Jan 17, 2026, 09:23 AM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

2
已扫描文件
764
分析行数
2
发现项
claude
审计者
未发现安全问题

风险因素

🌐 网络访问 (5)
skill-report.json:6 SKILL.md:173 SKILL.md:566 SKILL.md:567 SKILL.md:568
⚙️ 外部命令 (9)
SKILL.md:22-26 SKILL.md:26-41 SKILL.md:41-110 SKILL.md:110-114 SKILL.md:114-246 SKILL.md:246-250 SKILL.md:250-397 SKILL.md:397-401 SKILL.md:401-547

检测到的模式

Hardcoded URLWeak cryptographic algorithmSystem reconnaissanceRuby/shell backtick executionFetch API callCertificate/key files[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access

审计版本 2

低风险

Jan 4, 2026, 04:30 PM

Documentation-only skill with Python templates for hybrid search. Templates show database connections (PostgreSQL, Elasticsearch) which implies network access in user implementations. No credential access, file system writes, or command execution. Risk is limited to standard template patterns.

4
已扫描文件
807
分析行数
1
发现项
claude
审计者
未发现安全问题

风险因素

🌐 网络访问 (2)
SKILL.md:115-246 SKILL.md:248-397

审计版本 1

低风险

Jan 4, 2026, 04:30 PM

Documentation-only skill with Python templates for hybrid search. Templates show database connections (PostgreSQL, Elasticsearch) which implies network access in user implementations. No credential access, file system writes, or command execution. Risk is limited to standard template patterns.

4
已扫描文件
807
分析行数
1
发现项
claude
审计者
未发现安全问题

风险因素

🌐 网络访问 (2)
SKILL.md:115-246 SKILL.md:248-397
← 返回技能