azuresql-db-rag

Warn

Audited by Socket on Jul 8, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS. The skill’s capabilities mostly match its stated Azure SQL local RAG purpose, and data stays local, but the main install path relies on a private-preview, partially unverifiable container image tagged latest. That supply-chain trust gap pushes risk high even without evidence of credential theft or malicious exfiltration.

Confidence: 85%Severity: 72%
Audit Metadata
Analyzed At
Jul 8, 2026, 04:23 AM
Package URL
pkg:socket/skills-sh/microsoft%2Fazure-sql-database-container%2Fazuresql-db-rag%2F@9cebd6bf4b479ed160bdbf247991862a1fe71051206d8744af6c03c94b23d05a
Security Audit — socket — azuresql-db-rag