Audit log for skill ffind

ffind - 6 audits

Audit version 6

Latest · High risk

Jun 28, 2026, 06:01 PM

The static external command and sudo findings are true positives because the skill instructs agents to run ffind on user-supplied paths and use sudo for extraction. The temp directory findings are also real, while the weak cryptography findings are false positives from filesystem version text, not cryptographic code. No prompt injection or confirmed malicious intent was found, so the skill is not blocked but should not publish without human review and stronger safety guidance.

Files scanned: 1
Lines analyzed: 70
Findings: 6
Auditor: codex

High-risk issues (1)

Sudo-Based Filesystem Extraction
TRUE_POSITIVE: The skill states that extraction requires sudo and shows sudo ffind commands. Running filesystem extraction as root on untrusted firmware can expose the host to parser, mount, and file ownership risks.

Medium-risk issues (2)

External Command Execution on User Paths
TRUE_POSITIVE: The skill instructs agents to run ffind commands against paths supplied by the user. This is expected for the tool, but it can still execute local tooling against untrusted files and directories.

Filesystem Writes to Temporary Extraction Paths
TRUE_POSITIVE: The skill documents default extraction under /tmp and a custom /tmp extraction example. Extraction can create many files, preserve unusual metadata, or overwrite careless output locations if not isolated.

Low-risk issues (1)

Weak Cryptography Static Finding Is Not Supported
FALSE_POSITIVE: The static weak cryptography hits appear tied to ext2, ext3, ext4, or F2FS filesystem text. No cryptographic algorithm, hash function, or encryption operation is described in the skill file.

Detected patterns

Privileged External Tool Invocation
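The three true-positive findings above (sudo extraction, tool runs on user-supplied paths, writes into a shared /tmp) all come down to missing isolation around the tool call. The wrapper below is an added example written for this page; it is not code from the ffind skill, the ffind project, or the auditor. It shows the guard a practitioner would put around any extraction tool: refuse to run as root, accept the user-supplied path only if it resolves (symlinks included) to a regular file inside an allowed tree, extract into a fresh private directory instead of a predictable /tmp path, and only ever delete a directory the wrapper itself created. The `fw-extract.` name prefix, the `ALLOWED_ROOT` argument and the `TMPDIR` fallback are assumptions of this example; the actual ffind invocation and its flags are deliberately left out because the page does not show them.

```shell
#!/bin/sh
# Added example: isolation wrapper around a firmware extraction tool.
# Not part of the ffind skill or project. The tool call itself is left
# to the caller; this script only enforces the guards the audit asks for.

# Refuse to extract as root. The uid is passed in rather than read here
# so the check can be exercised without actually being root.
refuse_root_uid() {
    [ "$1" -ne 0 ]
}

# Accept a user-supplied path only if, after symlink resolution, it is a
# regular file inside ALLOWED_ROOT. Prints the canonical path on success.
# Usage: check_firmware_path ALLOWED_ROOT PATH
check_firmware_path() {
    allowed_root=$(readlink -f -- "$1") || return 2
    target=$(readlink -f -- "$2") || return 3
    case "$target" in
        "$allowed_root"/*) ;;   # resolved path stays inside the allowed tree
        *) return 3 ;;          # symlink or ../ escape: rejected
    esac
    [ -f "$target" ] || return 4    # regular file only: no dirs, devices, FIFOs
    printf '%s\n' "$target"
}

# Create a fresh, private extraction directory under BASE instead of
# writing into a shared, predictable /tmp location. The "fw-extract."
# prefix is an assumption of this example. Prints the directory path.
make_extract_dir() {
    dir=$(mktemp -d "$1/fw-extract.XXXXXX") || return 5
    chmod 700 "$dir" || return 5    # mktemp already uses 0700; made explicit
    printf '%s\n' "$dir"
}

# Remove an extraction directory only if it is one this wrapper created:
# a real directory (not a symlink) whose name carries the template prefix.
# This is what stops a careless "rm -rf $OUT" from hitting the wrong tree.
cleanup_extract_dir() {
    case "$1" in
        */fw-extract.??????) ;;
        *) return 6 ;;
    esac
    [ -d "$1" ] && [ ! -L "$1" ] || return 6
    rm -rf -- "$1"
}

# Compose the checks: validate the input, build an isolated output
# directory, and print both so the caller runs the tool unprivileged.
# Usage: extract_guarded ALLOWED_ROOT FIRMWARE_PATH [TMP_BASE]
extract_guarded() {
    refuse_root_uid "$(id -u)" || { echo "refusing to extract as root" >&2; return 1; }
    fw=$(check_firmware_path "$1" "$2") || { echo "rejected input path: $2" >&2; return 3; }
    out=$(make_extract_dir "${3:-${TMPDIR:-/tmp}}") || return 5
    printf 'input=%s\noutput=%s\n' "$fw" "$out"
    # Run the extraction tool here, as the current non-root user, with
    # "$fw" as input and "$out" as the output directory. Its flags are
    # the tool's own documentation's business, not this wrapper's.
}

# Only act when invoked with arguments, so the file can also be sourced.
if [ "$#" -ge 2 ]; then
    extract_guarded "$@"
fi
```

Run it as `sh guard.sh /path/to/allowed/firmware /path/to/allowed/firmware/image.bin`; the wrapper prints the canonical input and the private output directory, and any path that escapes the allowed tree through a symlink or `..`, or that is not a regular file, is rejected before any tool is invoked.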

Audit version 5

Safe

Jan 16, 2026, 07:58 PM

This is a documentation-only skill containing markdown instructions for the external ffind CLI tool. No executable code, network calls, or file system operations exist within the skill itself. All 41 static findings are false positives triggered by documentation patterns: sudo mentions document tool requirements, backticks are markdown code formatting, filesystem type identifiers (ext2/3/4) were misidentified as cryptographic algorithms, and temp directory references are documentation of tool behavior.

Files scanned: 2
Lines analyzed: 247
Findings: 2
Auditor: claude

No security issues found.

Audit version 4

Safe

Jan 16, 2026, 07:58 PM

This is a documentation-only skill containing markdown instructions for the external ffind CLI tool. No executable code, network calls, or file system operations exist within the skill itself. All 41 static findings are false positives triggered by documentation patterns: sudo mentions document tool requirements, backticks are markdown code formatting, filesystem type identifiers (ext2/3/4) were misidentified as cryptographic algorithms, and temp directory references are documentation of tool behavior.

Files scanned: 2
Lines analyzed: 247
Findings: 2
Auditor: claude

No security issues found.

Audit version 3

Safe

Jan 10, 2026, 11:32 AM

Pure prompt-based skill containing only documentation and usage instructions. No executable code, no file system access, no network calls, and no external command execution within the skill itself.

Files scanned: 1
Lines analyzed: 70
Findings: 0
Auditor: claude

No security issues found.

Audit version 2

Safe

Jan 10, 2026, 11:32 AM

Pure prompt-based skill containing only documentation and usage instructions. No executable code, no file system access, no network calls, and no external command execution within the skill itself.

Files scanned: 1
Lines analyzed: 70
Findings: 0
Auditor: claude

No security issues found.

Audit version 1

Safe

Jan 10, 2026, 11:32 AM

Pure prompt-based skill containing only documentation and usage instructions. No executable code, no file system access, no network calls, and no external command execution within the skill itself.

Files scanned: 1
Lines analyzed: 70
Findings: 0
Auditor: claude

No security issues found.