code-review-assistant

Warn

Audited by Socket on Apr 2, 2026

1 alert found:

Security: MEDIUM
SKILL.md

The skill is broadly aligned with PR review, but it is not low-risk. Its main issues are autonomous GitHub review actions, execution of unpinned external CLIs, and analysis of untrusted PR content with command/write capabilities. This is best classified as suspicious/high-vulnerability rather than confirmed malware.

Confidence: 84%
Severity: 72%
Audit Metadata
Analyzed At: Apr 2, 2026, 07:21 AM
Package URL: pkg:socket/skills-sh/dnyoussef%2Fai-chrome-extension%2Fcode-review-assistant%2F@e56955835852f0d12920ed4a47b0eabcd215c992