azuresql-db-scaffold

Warn

Audited by Socket on Jul 8, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS. The skill’s purpose and capabilities mostly align, and data flows stay within expected Microsoft/Azure endpoints, but the core dependency is a private preview executable container image that is not publicly verifiable and is run with credentials. Mutable `:latest`, shared pull credentials, and secret forwarding make this high security risk even without evidence of confirmed malicious intent.

Confidence: 84%Severity: 82%
Audit Metadata
Analyzed At
Jul 8, 2026, 04:23 AM
Package URL
pkg:socket/skills-sh/microsoft%2Fazure-sql-database-container%2Fazuresql-db-scaffold%2F@f2ac76dd22a9210c76d91b7592451186c1e62304169a4d42c88074c411289bb0
Security Audit — socket — azuresql-db-scaffold