llm-wiki

Warn

Audited by Socket on Jul 7, 2026

2 alerts found:

SecurityAnomaly
SecurityMEDIUM
platforms/claude/companions/llm-wiki-upgrade/SKILL.md

The skill's purpose and permissions are coherent for an updater, but its trust model is weak: it pulls mutable code from GitHub and executes install.sh without pinning or verification. This is better classified as suspicious supply-chain risk than malware; no clear credential theft or exfiltration is present in the instructions shown.

Confidence: 87%Severity: 72%
AnomalyLOW
workbench/web/src/components/renderers/HtmlRenderer.tsx

The main security issue is design-level: the component fetches remote HTML text and injects it into an iframe via srcDoc while enabling script execution (sandbox="allow-scripts"). Although sandboxing reduces privileges compared to an unsandboxed iframe, it still permits the embedded artifact’s JavaScript to run. The only protection before rendering is a weak filename-extension check, with no sanitization or response-type/content validation. Review upstream trust boundaries (how getArtifactFileUrl is formed, whether artifact content is trusted/sanitized) and consider removing allow-scripts or sanitizing/isolating the HTML before rendering.

Confidence: 70%Severity: 68%
Audit Metadata
Analyzed At
Jul 7, 2026, 02:40 AM
Package URL
pkg:socket/skills-sh/sdyckjq-lab%2Fllm-wiki-skill%2Fllm-wiki%2F@3ae5af01f2209c13128692f4ce26b16a1968a1d1
Security Audit — socket — llm-wiki