Skills
skills/jasonkneen/cluso-inspector-skill/cluso-inspector/Socket

cluso-inspector

Warn

Audited by Socket on May 8, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

The skill's stated purpose matches its capabilities: inspecting a user-shown web element and returning visual/HTML context. The main concern is install trust from unpinned `npx` execution of an npm package whose provenance was not confirmed in the provided evidence, plus moderate exposure to untrusted page content. This is better classified as suspicious/medium-risk supply-chain and content-handling behavior, not confirmed malware.

Confidence: 81%Severity: 56%
Audit Metadata
Analyzed At
May 8, 2026, 03:03 AM
Package URL
pkg:socket/skills-sh/jasonkneen%2Fcluso-inspector-skill%2Fcluso-inspector%2F@ac7e6cb5efdc367402e1758ecbae4986f78fd8dd