審計紀錄
onvifscan - 6 審計
審計版本 6
最新 高風險Jun 28, 2026, 05:08 PM
Static backtick, hardcoded IP, hardcoded URL, and weak-cryptography findings are mostly false positives from Markdown examples and prose. However, the skill explicitly instructs network scanning, credential brute forcing, and use of an option that may test destructive endpoints. This is a high-risk dual-use security skill and should not be published without authorization safeguards and abuse controls.
高風險問題 (3)
中風險問題 (1)
低風險問題 (3)
風險因素
偵測到的模式
審計版本 5
低風險Jan 16, 2026, 08:10 PM
All 57 static findings are FALSE POSITIVES. This is a legitimate prompt wrapper skill for ONVIF security auditing. Pattern matches for Metasploit, C2 keywords, and weak crypto are triggered by documentation text and repository names, not actual malicious code. The skill is a markdown documentation file that provides structured access to the onvifscan binary for authorized security assessments. Built-in safeguards include rate limiting (20 attempts max) and warnings about potentially destructive endpoints.
風險因素
🌐 網路存取 (9)
⚙️ 外部命令 (21)
審計版本 4
低風險Jan 16, 2026, 08:10 PM
All 57 static findings are FALSE POSITIVES. This is a legitimate prompt wrapper skill for ONVIF security auditing. Pattern matches for Metasploit, C2 keywords, and weak crypto are triggered by documentation text and repository names, not actual malicious code. The skill is a markdown documentation file that provides structured access to the onvifscan binary for authorized security assessments. Built-in safeguards include rate limiting (20 attempts max) and warnings about potentially destructive endpoints.
風險因素
🌐 網路存取 (9)
⚙️ 外部命令 (21)
審計版本 3
低風險Jan 10, 2026, 11:38 AM
This is a prompt wrapper skill for a legitimate ONVIF security auditing tool. The skill itself contains only documentation and instructions for using the external onvifscan binary. The tool provides authentication testing and credential brute-forcing capabilities designed for authorized security assessments of IP cameras and ONVIF devices. Built-in safeguards include rate limiting and warnings about potentially destructive endpoints.
低風險問題 (1)
審計版本 2
低風險Jan 10, 2026, 11:38 AM
This is a prompt wrapper skill for a legitimate ONVIF security auditing tool. The skill itself contains only documentation and instructions for using the external onvifscan binary. The tool provides authentication testing and credential brute-forcing capabilities designed for authorized security assessments of IP cameras and ONVIF devices. Built-in safeguards include rate limiting and warnings about potentially destructive endpoints.
低風險問題 (1)
審計版本 1
低風險Jan 10, 2026, 11:38 AM
This is a prompt wrapper skill for a legitimate ONVIF security auditing tool. The skill itself contains only documentation and instructions for using the external onvifscan binary. The tool provides authentication testing and credential brute-forcing capabilities designed for authorized security assessments of IP cameras and ONVIF devices. Built-in safeguards include rate limiting and warnings about potentially destructive endpoints.