performing-clickjacking-attack-test

Warn

Audited by Socket on Apr 10, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: the skill is internally coherent for penetration testing and uses trusted local tooling, but it materially enables an AI agent to perform offensive security testing and live clickjacking attack PoCs against web applications. Main risk is offensive capability, not malware, credential theft, or supply-chain behavior.

Confidence: 93%Severity: 86%
Audit Metadata
Analyzed At
Apr 10, 2026, 08:32 AM
Package URL
pkg:socket/skills-sh/mukul975%2FAnthropic-Cybersecurity-Skills%2Fperforming-clickjacking-attack-test%2F@ce0653e74be61ffebc0547df908fe7f059ef0383
Security Audit — socket — performing-clickjacking-attack-test