Audit log

managing-workflow - 6 audits

Audit version 6

Latest, medium risk

Jun 28, 2026, 05:15 PM

The static report overstates risk because many high alerts are false positives from Markdown examples, relative imports, and template placeholders. The real risk is moderate: the skill intentionally runs local Node scripts and those scripts can read, write, or move files based on command arguments without strict path validation.

Files scanned: 8
Lines analyzed: 917
Findings: 8
Auditor: codex
Medium-risk issues (2)
Unrestricted Local File Modification Utilities
The helper scripts accept file paths or feature identifiers from command arguments and then read, write, or move files. This supports the intended .spec workflow, but missing path confinement could let a bad invocation modify files outside the expected workflow area.
Bash-Based Workflow Execution
The skill instructs the assistant to run local Node scripts through Bash for context loading, validation, status updates, logging, and archiving. This is legitimate for the workflow, but publication should warn users that the skill requires local command execution permissions.
Low-risk issues (2)
Environment Variable Used for Project Directory Selection
The context loader reads CLAUDE_PROJECT_DIR and otherwise falls back to the current directory. I found no evidence that environment values are sent over the network or used to collect secrets, but a manipulated value could redirect workflow inspection.
Static High-Risk Pattern Alerts Are Mostly False Positives
The reported weak cryptography and path traversal alerts mostly map to Markdown placeholders, status text, and relative imports to shared utilities. I found no evidence of cryptographic operations, obfuscation, network exfiltration, or prompt injection attempts in the reviewed files.

Detected patterns

Command Argument Paths Used in File Writes
Feature Identifier Used in Archive Path Construction

Audit version 5

Safe

Jan 16, 2026, 07:21 PM

This is a legitimate workflow management skill for specification-driven development. All code operates locally within the project .spec directory. No network access, no credential handling, and no external command execution beyond controlled Node.js script invocations. Behavior matches stated purpose.

Files scanned: 9
Lines analyzed: 1,207
Findings: 3
Auditor: claude
No security issues found

Audit version 4

Safe

Jan 16, 2026, 07:21 PM

This is a legitimate workflow management skill for specification-driven development. All code operates locally within the project .spec directory. No network access, no credential handling, and no external command execution beyond controlled Node.js script invocations. Behavior matches stated purpose.

Files scanned: 9
Lines analyzed: 1,207
Findings: 3
Auditor: claude
No security issues found

Audit version 3

Safe

Jan 10, 2026, 11:39 AM

This is a legitimate workflow management skill for specification-driven development. All code operates locally within the project .spec directory. No network access, no credential handling, and no external command execution beyond controlled Node.js script invocations. Behavior matches stated purpose.

Files scanned: 8
Lines analyzed: 892
Findings: 3
Auditor: claude
No security issues found

Audit version 2

Safe

Jan 10, 2026, 11:39 AM

This is a legitimate workflow management skill for specification-driven development. All code operates locally within the project .spec directory. No network access, no credential handling, and no external command execution beyond controlled Node.js script invocations. Behavior matches stated purpose.

Files scanned: 8
Lines analyzed: 892
Findings: 3
Auditor: claude
No security issues found

Audit version 1

Safe

Jan 10, 2026, 11:39 AM

This is a legitimate workflow management skill for specification-driven development. All code operates locally within the project .spec directory. No network access, no credential handling, and no external command execution beyond controlled Node.js script invocations. Behavior matches stated purpose.

Files scanned: 8
Lines analyzed: 892
Findings: 3
Auditor: claude
No security issues found