Skills
skills/elementalsouls/claude-bughunter/hunt-websocket/Snyk

hunt-websocket

Fail

Audited by Snyk on Jun 13, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This document contains explicit, actionable exploitation techniques and PoC code (attacker-origin WebSocket PoC, navigator.sendBeacon exfil, socket.io namespace/room join, privileged-frame forgery, handshake smuggling) that enable data exfiltration, session/token theft, and privilege escalation—clear high-risk malicious capabilities.

Issues (1)

E006
CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 13, 2026, 04:06 PM
Issues
1
Security Audit — snyk — hunt-websocket