agent-rules

Fail

Audited by Socket on Jun 18, 2026

2 alerts found:

Obfuscated Filex2
Obfuscated FileHIGH
scripts/verify-commands.sh

The script is a legitimate utility but contains a significant security flaw: it executes untrusted command strings extracted from AGENTS.md via bash -c after only checking the first token against a whitelist. This permits command injection (through shell metacharacters or chaining) for any entry whose base command is whitelisted. Running the script with SMOKE_TEST=true on untrusted or attacker-modified AGENTS.md can lead to arbitrary command execution, data access, network requests, or repository mutation. Recommended mitigations: never run smoke tests on untrusted markdown; sanitize and validate entire command strings (reject shell metacharacters), avoid using bash -c with unsanitized input (use arrays and execvp-style invocation), restrict allowed subcommands/arguments rather than only base token, apply stricter allowlist for potentially destructive tools (curl/docker) or run tests in a safe sandbox/container, and avoid auto-modifying AGENTS.md unless explicit consent (or require DRY_RUN=false to be deliberate).

Confidence: 90%
Obfuscated FileHIGH
scripts/verify-content.sh

The analyzed shell script is a legitimate, read-only verification utility that ensures AGENTS.md aligns with the repository’s actual state. It focuses on existence checks for documented files, Makefile targets, and scoped documentation, aggregates issues, and optionally suggests fixes. While effective within its assumed project structure, its accuracy depends on stable AGENTS.md formatting and directory conventions. No malicious behavior detected; primary risk lies in false positives/negatives due to structural differences across projects.

Confidence: 90%
Audit Metadata
Analyzed At
Jun 18, 2026, 05:44 AM
Package URL
pkg:socket/skills-sh/dirien%2Fstop-building-portals-start-building-conversations%2Fagent-rules%2F@918bf0acc8e4301ce8a0260826d634c4a5336665040273fa2463bdfbad80b160
Security Audit — socket — agent-rules