socket-sca

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). Yes — these are suspicious: "evil.example.com" is an explicitly malicious-looking domain and "https://example.com/setup.sh" is a direct shell script URL (executing a remote .sh is a high-risk vector for malware or persistence), so being asked to download/pipe either is unsafe.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's mandatory workflow explicitly runs the Socket CLI and parses its JSON output ("run socket scan create --json ." in Workflow step 3) and also instructs checking public registries/advisory lists (e.g., Snyk, OSV, PyPI) — all are untrusted third-party sources whose descriptions/alerts are ingested and used to drive findings and remediation, so they could carry content that materially influences the agent's decisions.