app-platform-router

Fail

Audited by Socket on Jun 28, 2026

3 alerts found:

Malwarex2Security
MalwareHIGH
skills/sandbox/SKILL.md

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] This skill document describes a legitimate sandboxing SDK whose capabilities (arbitrary command execution, file I/O, public port exposure, custom images, and pool management) match its stated purpose. There are no signs of obfuscated or covert malicious code in this documentation. The primary risks are inherent to the feature set: running untrusted code and untrusted images, possible snapshotting of secrets, and exposing network ports. Those are operational/security risks rather than indicators of supply-chain malware in the provided files. Recommend ensuring strong access controls, network egress restrictions, and guidance to avoid storing secrets in sandboxes/snapshots. LLM verification: This Skill's intent and documented capabilities are aligned: it legitimately provides sandboxed container execution and hot-pool features. The content itself does not contain obfuscated or directly malicious code or hardcoded secrets. However, the feature set inherently enables high-risk actions (arbitrary code execution inside containers, unbounded network egress, pulling third-party/custom images, operations using cloud credentials). The documentation also includes unpinned pip installs and re

Confidence: 95%Severity: 90%
MalwareHIGH
skills/devcontainers/SKILL.md

[Skill Scanner] Instruction to copy/paste content into terminal detected All findings: [CRITICAL] command_injection: Instruction to copy/paste content into terminal detected (CI012) [AITech 9.1.4] [CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] This skill README and templates are coherent with their stated purpose: providing devcontainer and docker-compose configurations for local development. No evidence in the provided fragment of malicious behavior, covert data exfiltration, or obfuscation. Main concerns are operational: example credentials in templates (safe for local use but must not be used in production or committed) and the usual risk of running unreviewed init/test scripts from the referenced template repository — those scripts should be audited before execution. Overall the fragment appears benign but exercise standard caution when running external scripts and avoid committing example credentials. LLM verification: This skill appears functionally benign and consistent with its stated purpose: enabling local devcontainers for DigitalOcean App Platform parity. The primary risks are operational and supply-chain: it pulls a reference repo and multiple external devcontainer features, and it runs init/post-create/test shell scripts that execute code inside the container. Those scripts (not provided here) are the main risk surface — if the external repo or any referenced feature is compromised, arbitrary code exe

Confidence: 95%Severity: 90%
SecurityMEDIUM
skills/postgres/scripts/cleanup_client.py
Audit Metadata
Analyzed At
Jun 28, 2026, 07:42 AM
Package URL
pkg:socket/skills-sh/digitalocean-labs%2Fdo-app-platform-skills%2Fapp-platform-router%2F@0b0be08d4f0cd403f7a4a823b68956303d512b85
Security Audit — socket — app-platform-router