Scan Report
15/100
oneshot-ship
Ship code with oneshot CLI - plan/execute/review/PR automation pipeline
A legitimate code-shipping automation tool, documented in SKILL.md, with no malicious behavior detected; plaintext credential storage is a standard security concern but not malicious.
Safe to install
Review the credential storage approach in config.json if implementing; consider using keyring instead of plaintext file storage for API keys.
Findings (1 item)
| Severity | Finding | Location |
|---|---|---|
| Low | Plaintext API key storage (credential theft) | SKILL.md:72 |

| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | WRITE | WRITE | ✓ Aligned | Creates git worktrees, writes config files, manages repo files |
| Network | READ | READ | ✓ Aligned | SSH connections, API calls to Anthropic/OpenAI/GitHub/Linear |
| Shell | WRITE | WRITE | ✓ Aligned | Executes Claude Code CLI, Codex CLI, GitHub CLI commands |
| Environment | READ | READ | ✓ Aligned | Reads ANTHROPIC_API_KEY, OPENAI_API_KEY from environment |
External URLs (1 finding)
| Severity | URL | Location |
|---|---|---|
| Medium | https://docs.anthropic.com/en/docs/claude-code | SKILL.md:44 |

File Tree
1 file · 4.7 KB · 133 lines
└─ SKILL.md (Markdown)
Security Positives
✓ MIT licensed, open source (github.com/ADWilkinson/oneshot-cli)
✓ Uses documented, legitimate tools (Claude Code, Codex, GitHub CLI)
✓ Worktree isolation protects main branch from corruption
✓ Per-step timeouts prevent runaway processes
✓ No obfuscation or suspicious encoded content
✓ No hidden instructions in documentation
✓ Clear and comprehensive documentation
✓ No curl|bash remote script execution patterns
✓ No base64-encoded payloads or eval() calls