devtu-self-evolve

Warn

Audited by Socket on May 29, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: The skill’s core capabilities mostly match its stated purpose as a self-evolution orchestrator, and the named GitHub tooling is from official sources. The main risk is disproportionate trust expansion: it dispatches to multiple other skills, processes broad agent-generated content, and can then modify code and push PRs, creating a medium-high transitive and autonomy risk even without clear evidence of malware or credential theft.

Confidence: 89%Severity: 71%
Audit Metadata
Analyzed At
May 29, 2026, 05:27 AM
Package URL
pkg:socket/skills-sh/mims-harvard%2FToolUniverse%2Fdevtu-self-evolve%2F@a1803e44e63a737e8e5c26e2017f301194a4e1e0
Security Audit — socket — devtu-self-evolve