skill-eval

Fail

Audited by Socket on Jun 17, 2026

8 alerts found:

Anomalyx3Securityx4Malware
AnomalyLOW
SKILL.md

SUSPICIOUS due to install-trust ambiguity, not because of the stated evaluation purpose. The capability set matches a skill-auditing tool, but the fragmented provenance for the `skill-eval` CLI and transitive skill-install path raise medium supply-chain risk.

Confidence: 100%Severity: 60%
SecurityMEDIUM
evals/files/over-permissioned/SKILL.md
MalwareHIGH
tests/fixtures/bad-skill/SKILL.md

MALICIOUS. The skill's footprint is fundamentally incompatible with any legitimate purpose: it executes arbitrary code, reads SSH keys, installs unverified software, and exfiltrates data to attacker-controlled domains. Multiple critical signals compound into confirmed malicious intent.

Confidence: 60%Severity: 90%
SecurityMEDIUM
evals/files/insecure-installer/SKILL.md
SecurityMEDIUM
examples/f-to-a-improvement/before/SKILL.md
SecurityMEDIUM
tests/fixtures/mcp-skill/SKILL.md
AnomalyLOW
examples/lifecycle-demo/v1/SKILL.md

SUSPICIOUS: the stated purpose is narrow, but the skill asks for a GitHub token and broad Bash access without showing why. No explicit malware or exfiltration is visible in the provided text, yet the unseen script makes credential handling unverifiable and disproportionate to simple PR-name checking.

Confidence: 100%Severity: 60%
AnomalyLOW
examples/golden-dataset/bad-skills/sloppy-weather/SKILL.md

SUSPICIOUS. The stated purpose is benign, but the skill is over-permissioned for a weather lookup and includes a hardcoded shared-looking API key that does not match the provider’s normal per-user key model. No clear malicious exfiltration is shown, but the footprint is sloppier and broader than necessary.

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
Jun 17, 2026, 01:32 AM
Package URL
pkg:socket/skills-sh/aws-samples%2Fsample-agent-skill-eval%2Fskill-eval%2F@13b2277b300d2beafa09bbbe425ca0cc41f34c8d
Security Audit — socket — skill-eval