📦

審計歷史

blocklet-converter - 6 審計

審計版本 6

最新 安全

Jan 21, 2026, 04:13 PM

This skill is safe for publication. The 125 static findings are false positives from template files and documentation examples. The skill executes legitimate build commands for converting web projects to blocklets. No malicious patterns, data exfiltration, or unauthorized network access detected.

9
已掃描檔案
1,642
分析行數
2
發現項
claude
審計者
低風險問題 (1)
Template Files Contain Placeholder Code
Static analysis flagged code patterns in template files and documentation examples. These are legitimate template placeholders for Next.js server configuration and YAML templates that will be copied to user projects. The skill does not execute malicious code.

審計版本 5

中風險

Jan 16, 2026, 04:11 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

9
已掃描檔案
699
分析行數
3
發現項
claude
審計者
未發現安全問題

偵測到的模式

Hardcoded IP addressEnvironment variable access (dot notation)Environment variable objectEnvironment file accessSystem reconnaissanceRuby/shell backtick executionWeak cryptographic algorithmHardcoded URL[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access

審計版本 4

中風險

Jan 16, 2026, 04:11 PM

AI analysis failed after multiple attempts - MANUAL REVIEW REQUIRED before publishing. This skill cannot be auto-published until reviewed by a human.

9
已掃描檔案
699
分析行數
3
發現項
claude
審計者
未發現安全問題

偵測到的模式

Hardcoded IP addressEnvironment variable access (dot notation)Environment variable objectEnvironment file accessSystem reconnaissanceRuby/shell backtick executionWeak cryptographic algorithmHardcoded URL[HEURISTIC] DANGEROUS COMBINATION: Code execution + Network + Credential access

審計版本 3

低風險

Jan 10, 2026, 10:22 AM

This is a legitimate ArcBlock blocklet converter skill that converts static web and Next.js projects into deployable blocklet packages. The skill runs standard build commands and generates configuration files using the official blocklet CLI. All capabilities are appropriate for the stated development tooling purpose.

8
已掃描檔案
398
分析行數
4
發現項
claude
審計者
未發現安全問題

風險因素

審計版本 2

低風險

Jan 10, 2026, 10:22 AM

This is a legitimate ArcBlock blocklet converter skill that converts static web and Next.js projects into deployable blocklet packages. The skill runs standard build commands and generates configuration files using the official blocklet CLI. All capabilities are appropriate for the stated development tooling purpose.

8
已掃描檔案
398
分析行數
4
發現項
claude
審計者
未發現安全問題

風險因素

審計版本 1

低風險

Jan 10, 2026, 10:22 AM

This is a legitimate ArcBlock blocklet converter skill that converts static web and Next.js projects into deployable blocklet packages. The skill runs standard build commands and generates configuration files using the official blocklet CLI. All capabilities are appropriate for the stated development tooling purpose.

8
已掃描檔案
398
分析行數
4
發現項
claude
審計者
未發現安全問題

風險因素