socket-inspect
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Socket CLI through `npx socket` and `curl` for API requests. These commands are standard operations for the tool's security research functionality.
- [EXTERNAL_DOWNLOADS]: Data is retrieved from official vendor endpoints including `api.socket.dev` and `socket.dev`. These downloads are necessary for fetching package scores, alerts, and CVE information.
- [CREDENTIALS_UNSAFE]: Includes a hardcoded public demo token (`sktsec_t_--RAN5U4ivauy4w37-6aoKyYPDt5ZbaT5JBVMqiwKo_api`). This is a documented vendor credential provided for public trial use and has limited permissions.
- [PROMPT_INJECTION]: The skill processes untrusted package data from external registries, creating a surface for indirect prompt injection.
  - Ingestion points: API responses from `api.socket.dev` and web content scraped from `socket.dev` package pages.
  - Boundary markers: Not explicitly defined in the prompt instructions for isolating external package metadata.
  - Capability inventory: Shell execution via `npx socket` and network access via `curl`.
  - Sanitization: No specific sanitization or filtering of external package descriptions is mentioned.
Audit Metadata