Skills
skills/smallnest/goal-workflow/humanize-it/Socket

humanize-it

Warn

Audited by Socket on May 18, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

该技能表面用途是文档去AI味改写,目的与本地读写基本一致,但其核心实现依赖多个外部子技能,形成明显的传递信任与供应链风险。基于已知 `humanizer-zh` 采用远程 GitHub 技能安装路径、且主技能会把完整文档内容反复交给子技能处理,本技能更适合判定为 SUSPICIOUS 而非 BENIGN;目前无直接恶意或凭证窃取证据,未达到 MALICIOUS。

Confidence: 85%Severity: 72%
Audit Metadata
Analyzed At
May 18, 2026, 12:24 AM
Package URL
pkg:socket/skills-sh/smallnest%2Fgoal-workflow%2Fhumanize-it%2F@235baf5c1e28c66e3b6ed58794eee47d5313b875
Security Audit — socket — humanize-it