whoami

Warn

Audited by Socket on May 22, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: the skill’s purpose and local file accesses are broadly coherent for transcript-based self-profiling, and no explicit network exfiltration is declared. However, it delegates core behavior to an unverified local CLI/script and performs autonomous broad scanning/writing on invocation, so the trust footprint is too large to classify as benign.

Confidence: 84%Severity: 78%
Audit Metadata
Analyzed At
May 22, 2026, 03:49 AM
Package URL
pkg:socket/skills-sh/jazz1x%2Fhonne%2Fwhoami%2F@0c6ca867c957acd3f39df58a79cfc2f17909b2d2
Security Audit — socket — whoami