Skills
skills/promptingcompany/agent-skills/skills-admin/Socket

skills-admin

Warn

Audited by Socket on Apr 20, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The core git/GitHub capabilities fit the stated admin purpose, but the skill also directs transitive skill installation through an unpinned third-party CLI (`npx skills add`), which adds medium supply-chain and trust-chain risk. No clear credential harvesting or malicious exfiltration is evident from the provided content.

Confidence: 87%Severity: 56%
Audit Metadata
Analyzed At
Apr 20, 2026, 02:15 PM
Package URL
pkg:socket/skills-sh/promptingcompany%2Fagent-skills%2Fskills-admin%2F@323798d654b2a4e05ddd6a24971db0a5dd4abebc