Skills
skills/digitalocean-labs/do-app-platform-skills/app-platform-router/Socket

app-platform-router

Fail

Audited by Socket on May 10, 2026

1 alert found:

Malware
MalwareHIGH
skills/sandbox/SKILL.md

SUSPICIOUS: The skill’s core capabilities are coherent with a sandbox-management purpose, and it uses standard package channels plus official DigitalOcean CLI auth. However, trust is weakened by a notable publisher mismatch: a DigitalOcean-branded skill defaults to a personal PyPI maintainer and personal GHCR images. There is no clear credential-harvesting or malicious exfiltration, but the supply-chain provenance is not clean enough to treat as benign.

Confidence: 85%Severity: 62%
Audit Metadata
Analyzed At
May 10, 2026, 02:14 PM
Package URL
pkg:socket/skills-sh/digitalocean-labs%2Fdo-app-platform-skills%2Fapp-platform-router%2F@652eec5cb87208d23f645e3ff09429ad62e2495c