Skills
skills/interpreterbarry/barry-english-toolkit/barry-logic-to-speech/Socket

barry-logic-to-speech

Warn

Audited by Socket on Jun 14, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

整体更像教学/编排型 skill,而非恶意窃密工具;其核心功能与所需本地读写大体匹配。但它存在两点明显风险:一是通过 `npx skills add` 依赖额外 skills/资源,扩大供应链与信任边界;二是要求在未征得用户同意的情况下把完整稿件静默写入磁盘,属于不透明的持久化副作用。未见第三方凭据转发、官方 API 代理或外部数据外传,因此判定为 SUSPICIOUS 而非 MALICIOUS。

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
Jun 14, 2026, 02:44 PM
Package URL
pkg:socket/skills-sh/InterpreterBarry%2Fbarry-english-toolkit%2Fbarry-logic-to-speech%2F@f9bd62bf1340b3cb9eb6993d76e01d0794a79cb5f2a14f20bf33cf91d7d31339
Security Audit — socket — barry-logic-to-speech