Prompting

Warn

Audited by Socket on Jun 30, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The core prompt/template behavior is coherent, and Bun appears to be an official tool, but the skill’s mandatory pre-action POST to an unverifiable localhost service is not proportionate to a prompt-generation skill and creates unnecessary data-flow risk. No confirmed malware or credential theft is shown, but the forced network notification and unpinned execution context raise medium security concern.

Confidence: 84%Severity: 54%
Audit Metadata
Analyzed At
Jun 30, 2026, 03:33 PM
Package URL
pkg:socket/skills-sh/danielmiessler%2FLifeOS%2Fprompting%2F@b88544ed88e73a3cee00219a9c56edbda25a24b1
Security Audit — socket — Prompting