skills/daemon-blockint-tech/project-raven-d3fend/raven-zero-day-hunter/Socket

raven-zero-day-hunter

Warn

Audited by Socket on Jun 16, 2026

6 alerts found:

Anomalyx2Securityx4

Anomalydevsec-mythos-class/SKILL.md

LOW

AnomalyLOW

devsec-mythos-class/SKILL.md

SUSPICIOUS rather than malicious. The skill is largely coherent with its stated DevSec review purpose and uses mostly official GitHub-facing data flows, but it gives an AI agent substantial security-audit capability, executes analysis tooling on untrusted code, and can autonomously influence merge outcomes. No clear credential harvesting or deceptive exfiltration is present, so this is high-privilege defender automation with moderate security risk, not confirmed malware.

Confidence: 100%Severity: 60%

Securityresearch-looped-reasoning-eval/SKILL.md

MEDIUM

SecurityMEDIUM

research-looped-reasoning-eval/SKILL.md

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

Securitymulti-agent-orchestrator/SKILL.md

MEDIUM

SecurityMEDIUM

multi-agent-orchestrator/SKILL.md

Anomalyzero-day-detection/SKILL.md

LOW

AnomalyLOW

zero-day-detection/SKILL.md

SUSPICIOUS: the skill is internally coherent as a security-detection front end, but it grants an AI agent substantial security-scanning and continuous-monitoring capability over sensitive private artifacts and live telemetry. The main concerns are agentic offensive-security functionality, unclear provenance of the referenced internal implementation, and incomplete disclosure of external data-routing details rather than confirmed malware or credential theft.

Confidence: 100%Severity: 60%

Securityzero-day-investigator/SKILL.md

MEDIUM

SecurityMEDIUM

zero-day-investigator/SKILL.md

Audit Metadata

Analyzed At

Jun 16, 2026, 10:47 PM

Package URL

pkg:socket/skills-sh/daemon-blockint-tech%2Fproject-raven-d3fend%2Fraven-zero-day-hunter%2F@9acdc7b387003856c9dbab926b78e450910a7e1c31ae82bc9f12a9d58f94d75a