Risk audit

Risk Audit

Description

The Enhanced Risk Audit for SilverBullet analyzes scripts for potentially dangerous constructs and API calls.
It provides a risk audit report that includes a trust score for each code block, a summary of findings, and a list of rules used to analyze scripts.

Commands

  • Security: Scan Current Page: Runs the scanner on the current page and generates a risk audit report.
  • Security: Scan All Children Pages: Scans all child pages of the current page and generates a risk audit report for each page.

Reports

(report screenshots: audit1, audit2)

Code

In my library,
https://github.com/malys/silverbullet-libraries/blob/main/src/RiskAudit.md

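As an added example, not the RiskAudit library's own code nor anything from the posts above: a minimal JavaScript rule-based scanner that does what the description outlines (find fenced code blocks on a page, flag risky calls, give each block a trust score, and list the rules used). The rule ids, regexes, penalties and the 0-100 scoring are illustrative assumptions, not the plugin's actual rule set.

```javascript
// Added example, not the RiskAudit library's own code: a minimal rule-based scanner
// of the kind the post describes. Rule ids, patterns, penalties and the 0-100 trust
// score are illustrative assumptions, not the plugin's actual rules.
const RULES = [ // each rule pairs a regex for a risky construct with a penalty off 100
  { id: "dynamic-eval", desc: "dynamic code loading", re: /\b(eval|load|loadstring)\s*\(/, penalty: 40 },
  { id: "shell-exec", desc: "shell command execution", re: /\b(os\.execute|io\.popen|shell\.run)\s*\(/, penalty: 40 },
  { id: "network", desc: "outbound HTTP request", re: /\b(fetch|http\.request)\s*\(/, penalty: 30 },
  { id: "space-write", desc: "modifies space content", re: /\bspace\.(writePage|deletePage|writeFile)\s*\(/, penalty: 20 },
];
const FENCE = "`".repeat(3);

// Pull fenced code blocks out of a markdown page: [{ lang, code, startLine }].
function extractCodeBlocks(markdown) {
  const blocks = [];
  let open = null;
  markdown.split("\n").forEach((line, i) => {
    const m = line.match(/^`{3}([\w-]*)\s*$/);
    if (m && open === null) open = { lang: m[1] || "text", startLine: i + 2, code: [] };
    else if (m) { blocks.push({ ...open, code: open.code.join("\n") }); open = null; }
    else if (open !== null) open.code.push(line);
  });
  return blocks;
}
// Score one block: every rule hit on a line is a finding; trust floors at 0.
function auditBlock(block) {
  const findings = [];
  block.code.split("\n").forEach((text, i) => {
    for (const r of RULES) {
      if (r.re.test(text)) findings.push({ rule: r.id, line: block.startLine + i, text: text.trim(), penalty: r.penalty });
    }
  });
  const penalty = findings.reduce((sum, f) => sum + f.penalty, 0);
  return { lang: block.lang, trust: Math.max(0, 100 - penalty), findings };
}
// Report for a page: per-block trust scores, a summary, and the rule list used.
function scanPage(markdown) {
  const blocks = extractCodeBlocks(markdown).map(auditBlock);
  const findings = blocks.reduce((n, b) => n + b.findings.length, 0);
  const lowestTrust = blocks.length ? Math.min(...blocks.map((b) => b.trust)) : 100;
  const rules = RULES.map((r) => `${r.id}: ${r.desc} (-${r.penalty})`);
  return { blocks, summary: { blocks: blocks.length, findings, lowestTrust }, rules };
}
// Constructed sample page: one benign block and one with two risky calls.
const SAMPLE_PAGE = [
  "# Demo", "", FENCE + "space-lua", "local function greet(n) return 'hi ' .. n end", FENCE,
  "", FENCE + "space-lua", "local body = http.request('https://example.invalid/x')",
  "os.execute('ls /tmp')", FENCE,
].join("\n");
console.log(JSON.stringify(scanPage(SAMPLE_PAGE), null, 2));
```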

Rules and static analysis must be improved, but it seems correct.

Massive improvements:

  • revert scoring
  • add more dangerous patterns
  • add some screencasts

I love the idea of auditing and appreciate you sharing your work. I will be taking a closer look at it in the near future.

Feel free to contribute and to propose new checking rules.


Might it eventually be used as an optional default filter before/after SB imports a library?

This makes SB both powerful (lots of APIs) and secure (with API restrictions on calls).

Yes, a hook before installing an imported script.