Skills
skills/nghanyi/agent-skills/jupiter-token-verification/Socket

jupiter-token-verification

Warn

Audited by Socket on Mar 19, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill is broadly aligned with Jupiter token verification and uses plausible same-org domains plus a standard Solana SDK, but it facilitates an on-chain payment flow, includes local keypair handling in its example, and relies on a dev API/pricing model that is not clearly consistent with Jupiter’s public documentation. This is not confirmed malware, but it carries meaningful security and financial-action risk for an AI agent skill.

Confidence: 85%Severity: 66%
Audit Metadata
Analyzed At
Mar 19, 2026, 06:26 AM
Package URL
pkg:socket/skills-sh/nghanyi%2Fagent-skills%2Fjupiter-token-verification%2F@a6f65d6ca3e2b494d2d7244dfc4f5c28b7fa8575