xiaolvs-pipeline

Warn

Audited by Socket on Jun 29, 2026

2 alerts found:

SecurityAnomaly
SecurityMEDIUM
SKILL.md
AnomalyLOW
scripts/start_tunnel.sh

This Bash script is an SSH reverse-tunneling helper that exposes a chosen local port (default 5001) to the public internet through localhost.run for webhook/callback use. It does not directly exhibit classic malware behaviors (no exfiltration routines, persistence, or obfuscated execution), but it materially increases security risk by (1) disabling SSH host key verification and (2) making the forwarded local service externally reachable via a third-party tunnel provider. Treat as security-sensitive operational networking code; verify the forwarded service is intended and hardened, and avoid StrictHostKeyChecking=no in threat-sensitive environments.

Confidence: 68%Severity: 60%
Audit Metadata
Analyzed At
Jun 29, 2026, 02:01 AM
Package URL
pkg:socket/skills-sh/ajaxhe%2Fxiaolvs-skills%2Fxiaolvs-pipeline%2F@5ad6e5abadaf1636f5ed8b8b7a9b75c0ef467cde5bf8f4462bfb86b091c37b15
Security Audit — socket — xiaolvs-pipeline