jimeng

Warn

Audited by Socket on Apr 16, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the core image-generation behavior is coherent, but the skill routes credentials and user data through a Rebyte relay instead of a clearly documented official ByteDance API and reads local auth material directly. This looks like a platform-managed proxy pattern rather than confirmed malware, but the intermediary data flow and credential forwarding raise medium security risk.

Confidence: 84%Severity: 52%
Audit Metadata
Analyzed At
Apr 16, 2026, 05:42 PM
Package URL
pkg:socket/skills-sh/rebyteai%2Frebyte-skills%2Fjimeng%2F@71a371944ee1e0b6506719700d0357576b0a5209
Security Audit — socket — jimeng