False positive: MALWAR-PERSIST-002 triggers on benign documentation text #2
Description
Problem
Rule MALWAR-PERSIST-002 (file system modification detection) triggers on Anthropic's official skill-creator skill, which is benign. The rule flags lines 91-92 which contain documentation about file management best practices — not actual file system modification commands.
Scan output:
anthropic_skill_creator.md → MALICIOUS (risk: 100)
MALWAR-PERSIST-002 at L91: "If files are large (>10k words), include grep search patterns in SKILL.md"
MALWAR-PERSIST-002 at L92: "Information should live in either SKILL.md or references files, not both"
Expected Behavior
This skill should be rated CLEAN. The rule should distinguish between actual commands that modify files and documentation text that mentions files.
How to Fix
- Look at the rule definition for
MALWAR-PERSIST-002insrc/malwar/rules/ - The regex pattern is too broad — it matches the word "file" in general documentation context
- Tighten the pattern to require actual command syntax (e.g.,
mkdir,mv,cp,write_to, shell redirects) rather than prose mentioning files - Add
tests/fixtures/skills/real/benign/anthropic_skill_creator.mdas a regression test
Test File
The skill that triggers this false positive is at: tests/fixtures/skills/real/benign/anthropic_skill_creator.md