ljg-map

Warn

Audited by Socket on Jul 3, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The core behavior fits the stated purpose of researching and rendering an industry map, but the workflow relies on a cross-skill local script and an unspecified image backend, creating supply-chain and transitive-trust risk. No direct credential harvesting or clear exfiltration is shown, so this is better classified as a medium-risk vulnerable skill rather than malicious.

Confidence: 82%Severity: 58%
Audit Metadata
Analyzed At
Jul 3, 2026, 11:12 PM
Package URL
pkg:socket/skills-sh/lijigang%2Fljg-skills%2Fljg-map%2F@b33bc1d07560a385f57fb7cf8a614ebd34485a14839948665e2ef9d4788de568
Security Audit — socket — ljg-map