azuresql-db-ci

Warn

Audited by Socket on Jul 8, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS. The skill’s behavior mostly matches its CI-testing purpose, but its core runtime depends on a private-preview, mutable, non-publicly verifiable container image that receives a database password. That makes the skill high risk on supply-chain and credential-forwarding grounds even without direct evidence of malicious exfiltration.

Confidence: 84%Severity: 84%
Audit Metadata
Analyzed At
Jul 8, 2026, 04:23 AM
Package URL
pkg:socket/skills-sh/microsoft%2Fazure-sql-database-container%2Fazuresql-db-ci%2F@f264e4aef995862ab24bfa5d9e1cb8009cf1dbec62993b3d9889513a8473f048
Security Audit — socket — azuresql-db-ci