user-wf

Warn

Audited by Socket on Mar 26, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the visible skill is minimal and not overtly malicious, but it delegates execution to an ambiguously named external CLI and an unseen workflow. The main issue is trust and opacity, not confirmed credential theft or exfiltration.

Confidence: 84%Severity: 56%
Audit Metadata
Analyzed At
Mar 26, 2026, 05:39 PM
Package URL
pkg:socket/skills-sh/s-hiraoku%2Fsynapse-a2a%2Fuser-wf%2F@8df1108a641d47d8cf2ee2b1d0292f2e43cbe8a6
Security Audit — socket — user-wf