okf

Warn

Audited by Socket on Jun 23, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The skill’s core file-oriented OKF guidance is broadly consistent with its stated purpose and shows no clear credential theft or exfiltration. However, trust is weakened by GitHub-based skill installation, unresolved provenance of the claimed Google upstream, unverified local installer script, and transitive skill-install patterns. Overall this is a medium-risk skill with supply-chain concerns rather than confirmed malware.

Confidence: 84%Severity: 58%
Audit Metadata
Analyzed At
Jun 23, 2026, 09:17 AM
Package URL
pkg:socket/skills-sh/akillness%2Foh-my-skills%2Fokf%2F@4b12783dd2c936fd41d53cb117460321583b7b0548e93e713e8c7f5a535325f6
Security Audit — socket — okf