skills/qwenlm/qwen-code-examples/oss-styles/Socket

oss-styles

Warn

Audited by Socket on Mar 30, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

该技能表面上是“生成开源项目宣传视频”，但实际主要功能是克隆并执行另一个仓库中的 SKILL。其风险来自传递信任、远程可变指令与未审查的后续命令执行，和声明用途相比实现过度外包，整体应判为可疑而非已确认恶意。

Confidence: 85%Severity: 78%

Audit Metadata

Analyzed At

Mar 30, 2026, 12:51 AM

Package URL

pkg:socket/skills-sh/qwenlm%2Fqwen-code-examples%2Foss-styles%2F@07a4db54763a2278697fc7cd05f5b36e4d30769a

Security Audit — socket — oss-styles