Skills
skills/ocozyo/doc-to-md-skills/docx-to-md/Socket

docx-to-md

Warn

Audited by Socket on May 11, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

该技能的功能与用途总体一致,主要风险不在恶意行为,而在其依赖一个未说明来源的本地固定 Python 环境和本地脚本;依据规则,这使整体安全风险维持高位。另有明确的外部数据流:大图片会发送到 Anthropic API,适用于该用途但不适合处理敏感文档。

Confidence: 88%Severity: 74%
Audit Metadata
Analyzed At
May 11, 2026, 05:54 AM
Package URL
pkg:socket/skills-sh/oCOZYo%2Fdoc-to-md-skills%2Fdocx-to-md%2F@973806c337e64e675d6cd6cab6d956398d405957