seed

Warn

Audited by Socket on May 16, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the core seed-generation behavior is coherent, but the skill adds disproportionate post-task actions: prompting for a GitHub star, using authenticated gh CLI for a real account action, and invoking another skill via transitive execution. Data flows mostly stay on official endpoints and local files, so this looks more like scope creep and trust expansion than confirmed malware.

Confidence: 87%Severity: 63%
Audit Metadata
Analyzed At
May 16, 2026, 08:31 AM
Package URL
pkg:socket/skills-sh/q00%2Fouroboros%2Fseed%2F@20f49098fc15dcc8644d4ada6df17ae7bd4e7c95
Security Audit — socket — seed