ln-030-vps-bootstrap

Warn

Audited by Socket on May 5, 2026

1 alert found:

Anomaly
AnomalyLOW
references/god-session.sh

No explicit indicators of classic malware behavior are present in this fragment (no reverse shells, no direct network calls, no obvious credential theft code, no persistence/backdoor logic beyond standard systemd/tmux lifecycle). The main supply-chain security concerns are configuration-driven and impact-amplifying: the script runs Claude with --dangerously-skip-permissions and executes a shell command via tmux that interpolates an unquoted ${PROJECT_DIR} (a command-injection risk only if that value can be influenced). Overall, malicious probability is low, but the security risk is moderate due to permission weakening and the sensitivity of local command/secret inputs.

Confidence: 66%Severity: 56%
Audit Metadata
Analyzed At
May 5, 2026, 08:05 PM
Package URL
pkg:socket/skills-sh/levnikolaevich%2Fclaude-code-skills%2Fln-030-vps-bootstrap%2F@aa92154abc87272f326c5373d077bcbd97d034cf
Security Audit — socket — ln-030-vps-bootstrap