jimeng
Warn
Audited by Socket on Apr 16, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the core image-generation behavior is coherent, but the skill routes credentials and user data through a Rebyte relay instead of a clearly documented official ByteDance API and reads local auth material directly. This looks like a platform-managed proxy pattern rather than confirmed malware, but the intermediary data flow and credential forwarding raise medium security risk.
Confidence: 84%Severity: 52%
Audit Metadata