config-refactor
Warn
Audited by Socket on Jul 2, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the core editing behavior is coherent with a config-refactor skill and is mostly well-scoped, but it introduces medium risk through automatic invocation of an unseen skill, an unverifiable reference to install.sh, and mandatory context persistence via unspecified mem_save. No clear credential theft, remote-code execution, or malicious data exfiltration is present in the provided text.
Confidence: 83%Severity: 52%
Audit Metadata