skills/inference-sh/agent-skills/related-skill/Socket

related-skill

Warn

Audited by Socket on Apr 14, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

SUSPICIOUS: the stated purpose matches the behavior, but the behavior is inherently high-trust because it installs other skills. The main risk is transitive trust and broad shell permission via `npx skills *`, not direct malware behavior in this file.

Confidence: 90%Severity: 81%

Audit Metadata

Analyzed At

Apr 14, 2026, 09:12 AM

Package URL

pkg:socket/skills-sh/inference-sh%2Fagent-skills%2Frelated-skill%2F@73fd69d2d41797c5fec8afb730b4c7be198fd1da