rallish-operator
Audited by Socket on May 18, 2026
2 alerts found:
AnomalySecurityNo direct malicious behavior (e.g., credential theft, persistence, remote command execution, or data exfiltration) is evident in the shown script. The primary security concern is supply-chain integrity: the installer downloads and extracts an externally supplied release tarball and installs the contained executable without cryptographic verification (no hash/signature checks). If the upstream release artifact or download path is compromised, this script will faithfully install attacker-controlled code—potentially with elevated impact when targeting `/usr/local/bin`. Additional concerns include fragile JSON parsing for version resolution and non-explicitly hardened tar extraction, though extraction is confined to a temp directory.
SUSPICIOUS. The skill's rally orchestration purpose is plausible, but its actual footprint is wider than necessary: it installs an unpinned external binary, can install another skill transitively, and enables semi-autonomous command/code actions driven by another agent's notes. No direct credential theft is shown, but the install trust and untrusted-content-to-action paths make this a high-risk vulnerable skill rather than benign documentation.