Skills
skills/ingpoc/skills/initialization/Socket

initialization

Warn

Audited by Socket on Apr 26, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the stated purpose matches project initialization, but the skill’s real footprint depends on opaque local scripts and transitive loading of other skills, especially for MCP and hook setup. No direct credential theft or malicious exfiltration is visible, yet install trust is only partially verifiable, so this is medium risk rather than benign.

Confidence: 82%Severity: 57%
Audit Metadata
Analyzed At
Apr 26, 2026, 09:24 AM
Package URL
pkg:socket/skills-sh/ingpoc%2Fskills%2Finitialization%2F@7a0f5d75f71881f81dd92b1d9fc518c9ac116c8b
Security Audit — socket — initialization