skills/cat-xierluo/legal-skills/tingwu-asr/Socket

tingwu-asr

Warn

Audited by Socket on May 3, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

该技能整体目的与能力基本一致：云端转录需要上传媒体并访问阿里云接口，未见明显恶意窃取或外传到无关第三方域名。主要风险在于它绕过官方 OpenAPI，改用网页 Cookie 和逆向 REST 接口，并鼓励保存账号密码/Cookie 与自动签到；这更像高风险的非官方集成，而非确认恶意。综合判断为 SUSPICIOUS。

Confidence: 88%Severity: 68%

Audit Metadata

Analyzed At

May 3, 2026, 06:10 AM

Package URL

pkg:socket/skills-sh/cat-xierluo%2Flegal-skills%2Ftingwu-asr%2F@442521de8ae4610a0586d49b8ea4d749bc32c6a7