Skills
skills/0xshe/php-code-audit-skill/php-xxe-audit/Socket

php-xxe-audit

Warn

Audited by Socket on Apr 16, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

该技能与其声明目的基本一致:本地分析 PHP 源码中的 XXE 风险并输出证据化报告。未见凭证窃取、外部数据转发或可疑安装链,因此不像恶意技能;但其核心能力属于漏洞发现与 PoC 生成的安全/利用工具,对 AI 代理来说本身是高敏感能力,应归为可疑而非良性。

Confidence: 88%Severity: 72%
Audit Metadata
Analyzed At
Apr 16, 2026, 08:51 AM
Package URL
pkg:socket/skills-sh/0xshe%2Fphp-code-audit-skill%2Fphp-xxe-audit%2F@4ad9cf1cb6fe09c88cb756d76dfde108f403e88b
Security Audit — socket — php-xxe-audit