pr-fix-loop

Warn

Audited by Socket on Jun 24, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the core purpose aligns with the capabilities, and the only explicit external tool is official GitHub CLI, so there is no strong malware or credential-harvesting signal in the provided text. However, the skill enables autonomous code changes, pushes, and GitHub write actions based on untrusted PR/CI/comment content, and a referenced command file was not provided, leaving meaningful operational risk and incomplete verifiability.

Confidence: 85%Severity: 64%
Audit Metadata
Analyzed At
Jun 24, 2026, 10:56 AM
Package URL
pkg:socket/skills-sh/arctuition%2Fskills%2Fpr-fix-loop%2F@8151be500d62450ddfe94b89607f2417f59c96f935c466fbc74622fdd20c6fad
Security Audit — socket — pr-fix-loop