Skills
skills/othmanadi/planning-with-files/planning-with-files-zh/Socket

planning-with-files-zh

Warn

Audited by Socket on May 15, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS:用途与文件规划基本一致,但通过钩子在每次工具前注入 task_plan.md,形成显著间接提示注入风险;同时 Stop 钩子执行来自缓存目录、来源不透明的脚本,带来中高供应链风险。未见网络外传、凭证收集或明显恶意窃取,因此不像确认恶意,更像设计上风险偏高的技能。

Confidence: 88%Severity: 76%
Audit Metadata
Analyzed At
May 15, 2026, 07:25 AM
Package URL
pkg:socket/skills-sh/othmanadi%2Fplanning-with-files%2Fplanning-with-files-zh%2F@14c037e70df8b86ef9e3aecacb5a84455fddccc2