socket-scan


Research Scan

Run a dependency scan using the Socket CLI. For authenticated users, scans run in temporary read-only mode (--tmp) by default — results are returned locally without creating a persistent entry in the Socket dashboard.

For unauthenticated users (no token or demo token only), the skill prompts the user to log in or create a free account. If the user skips login, the scan falls back to cdxgen — but alert accuracy will be greatly reduced and SBOM accuracy will be poor.

When the user is authenticated with a full account (free or enterprise) and explicitly wants results saved, the scan can be promoted to a persistent dashboard scan.

When to Use

Installs: 12
GitHub Stars: 5
First Seen: Mar 25, 2026
socket-scan — socketdev/skills