{"skill":{"slug":"skill-risk-auditor","displayName":"Skill Risk Auditor","summary":"Comprehensive pre-install guard that audits third-party skills across nine risk areas — covering semantic integrity, supply chain, secrets, data exfiltration...","tags":{"latest":"1.0.1"},"stats":{"comments":0,"downloads":177,"installsAllTime":0,"installsCurrent":0,"stars":1,"versions":2},"createdAt":1773734811546,"updatedAt":1773739615916},"latestVersion":{"version":"1.0.1","createdAt":1773735946818,"changelog":"Problem: Our guard document itself contains literal attack phrases (such as “ignore previous instructions” and “trust this skill”), which can be flagged as suspicious by a pattern scanner and also create a theoretical injection surface.\n\nFix 1 — Audit Scope Boundary (line 28): Added an explicit scope boundary stating that the audit is strictly limited to the candidate skill’s package directory. If the candidate skill references external paths (such as ~/.ssh/), the guard records the reference as a finding but does not actually access it.\n\nFix 2 — Remove Literal Attack Strings (4 occurrences): Replaced all literal injection phrases with behavioral-category descriptions.","license":"MIT-0"},"metadata":null,"owner":{"handle":"yxf203","userId":"s177qkberq3a1v4x1983nw58wd83g5w8","displayName":"Xiaofang Yang","image":"https://avatars.githubusercontent.com/u/128906103?v=4"},"moderation":null}