python-executor

Warn

Audited by Socket on Jun 20, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The skill’s remote Python-execution behavior is broadly aligned with its stated purpose and appears tied to official inference.sh infrastructure, so this is not strong evidence of malware. Risk comes from transitive skill installation, moderate supply-chain hygiene, broad bash/CLI scope, and the fact that arbitrary code and scraped data are routed through a remote execution service.

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
Jun 20, 2026, 02:42 PM
Package URL
pkg:socket/skills-sh/skills-shell%2Fskills%2Fpython-executor%2F@3dfb3df9f47f83acb80d706e591c3ea143ec78e0