{"skill":{"slug":"sx-security-audit","displayName":"sx-security-audit","summary":"全方位安全审计技能。检查文件权限、环境变量、依赖漏洞、配置文件、网络端口、Git 安全、Shell 安全、macOS 安全、密钥检测等。支持 CLI 参数、JSON 输出、配置文件。当用户要求\"安全检查\"、\"漏洞扫描\"、\"权限检查\"、\"安全审计\"时使用此技能。","tags":{"latest":"1.0.0"},"stats":{"comments":0,"downloads":347,"installsAllTime":1,"installsCurrent":1,"stars":0,"versions":1},"createdAt":1773283302741,"updatedAt":1777528551971},"latestVersion":{"version":"1.0.0","createdAt":1773283302741,"changelog":"Initial release of SX-security-audit – a comprehensive security auditing skill.\n\n- Provides modular checks including file permissions, secrets, dependencies, environment variables, Git, network ports, shell, and macOS security.\n- Detects known key formats and uses entropy analysis for enhanced secret detection.\n- Supports CLI options for module selection, output format (JSON, Markdown), severity filtering, and silent mode.\n- Allows behavior customization via `.security-audit.json` config files with path exclusions and severity thresholds.\n- Generates detailed, prioritized security audit reports and supports report delivery to Feishu in multiple message formats.\n- Includes guidance for both automated and manual report sending.","license":"MIT-0"},"metadata":null,"owner":{"handle":"zhuxiaobao-y","userId":"publishers:zhuxiaobao-y","displayName":"zhuxiaobao-y","image":"https://avatars.githubusercontent.com/u/242132972?v=4"},"moderation":{"isSuspicious":true,"isMalwareBlocked":false,"verdict":"suspicious","reasonCodes":["suspicious.dynamic_code_execution","suspicious.exposed_secret_literal"],"summary":"Detected: suspicious.dynamic_code_execution, suspicious.exposed_secret_literal","engineVersion":"v2.4.5","updatedAt":1777528551971}}