Skills
skills/firstrui/codex-reverse-skills/web-js-reverse-master-flow/Socket

web-js-reverse-master-flow

Warn

Audited by Socket on Apr 18, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

该 skill 不是明显的窃密恶意软件,但它为 AI 代理提供了高风险的 Web 逆向与对抗分析能力,并默认依赖多个外部 MCP/skills。其用途与能力基本一致,但对不受信任网页内容的处理、转移 skill 信任链,以及部分 MCP 来源/密钥转发不够可验证,使其整体应归为高风险可疑技能而非 benign。

Confidence: 87%Severity: 86%
Audit Metadata
Analyzed At
Apr 18, 2026, 07:11 PM
Package URL
pkg:socket/skills-sh/firstrui%2Fcodex-reverse-skills%2Fweb-js-reverse-master-flow%2F@638f92ab08a7a5725b48b0344271cd1fb9a0fda9
Security Audit — socket — web-js-reverse-master-flow