socket-setup

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt embeds an actual API/demo token literal and instructs placing it directly into CLI commands and configs (e.g., npx socket config set apiToken sktsec_t_...), which forces the agent to output secret values verbatim.

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

• Secret detected (high risk: 1.00). I scanned the full prompt for high-entropy, literal values that look like real credentials. I found a long, random-looking API token used directly in commands:
• npx socket config set apiToken sktsec_t_--RAN5U4ivauy4w37-6aoKyYPDt5ZbaT5JBVMqiwKo_api

This is a real, high-entropy token string (not a placeholder like "YOUR_API_KEY" or "sk-xxxx") and is being applied directly to configure the CLI, so it is a usable credential. Even though the text labels it a "public demo token" and it’s rate-limited, it is still a literal token present in the documentation and therefore should be treated as a secret for scanning/leakage purposes.

Other items in the doc (environment variable names like SOCKET_CLI_API_TOKEN, placeholders such as SocketDemo, or references to token creation pages) are not flagged because they are either variable names/placeholders or low-entropy examples and do not contain actual credential values.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill instructs the agent to install global packages and write executables to system locations (e.g., /usr/local/bin with curl && chmod), modify Dockerfiles/CI and project files, and run npm -g installs — operations that alter the host system and may require elevated privileges, so it can compromise the machine state.