審計歷史
uv-package-manager - 4 審計
審計版本 4
最新 安全Jan 17, 2026, 08:41 AM
Documentation-only skill teaching uv package manager usage. Static findings detected shell pipe patterns and PowerShell commands which are the official installation methods from astral.sh. All detected patterns are standard documentation for legitimate software installation and represent false positives.
風險因素
⚙️ 外部命令 (3)
🌐 網路存取 (2)
📁 檔案系統存取 (2)
審計版本 3
安全Jan 17, 2026, 08:41 AM
Documentation-only skill teaching uv package manager usage. Static findings detected shell pipe patterns and PowerShell commands which are the official installation methods from astral.sh. All detected patterns are standard documentation for legitimate software installation and represent false positives.
風險因素
⚙️ 外部命令 (3)
🌐 網路存取 (2)
📁 檔案系統存取 (2)
審計版本 2
嚴重Jan 4, 2026, 04:39 PM
The skill documentation contains download-and-execute patterns (curl | sh and PowerShell remote execution) that pose security risks, along with shell profile modification commands that could be used for persistence.
嚴重問題 (3)
風險因素
⚙️ 外部命令 (3)
偵測到的模式
審計版本 1
嚴重Jan 4, 2026, 04:39 PM
The skill documentation contains download-and-execute patterns (curl | sh and PowerShell remote execution) that pose security risks, along with shell profile modification commands that could be used for persistence.