films-search

Warn

Audited by Socket on Jun 23, 2026

2 alerts found:

Anomalyx2
AnomalyLOW
scripts/film-search.js

No clear evidence of explicit malware (backdoor, credential theft, or direct network exfiltration) is visible in this JS fragment. However, the module performs sensitive operations that elevate supply-chain and execution risks: it can execute a Python interpreter path from FILM_SEARCH_PYTHON_PATH and may install Python dependencies at runtime via pip install -r requirements.txt, and it can fetch arbitrary user-provided URLs in resolve mode (potential SSRF depending on deployment egress controls). The deeper scraping behavior and any potential malicious logic likely reside in deep_extract.py and its Python dependencies, which are outside this snippet. Overall risk is moderate and should be reviewed/hardened with pinned dependencies, controlled environment variables, and network access restrictions.

Confidence: 64%Severity: 60%
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill's behavior mostly matches its stated purpose, but it introduces moderate risk through unpinned auto-installation of a third-party package, reliance on an unspecified external web-search skill, and deep crawling of arbitrary third-party pages. I see no strong evidence of credential theft or overt malware, but the install and transitive trust model are weaker than a low-risk benign skill.

Confidence: 82%Severity: 61%
Audit Metadata
Analyzed At
Jun 23, 2026, 06:07 AM
Package URL
pkg:socket/skills-sh/storyclaw-official%2Fstoryclaw-assistant%2Ffilms-search%2F@d0665007a71cfb8b775e7f98eb57e99453e3a083289980c35431d41c7f8baf69
Security Audit — socket — films-search