Skills
skills/tencent-lexiang/lexiang-cli/lx-entry/Socket

lx-entry

Warn

Audited by Socket on May 20, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

该技能的功能范围与“乐享知识库条目管理”基本一致,未见明显恶意窃密或隐藏外传指令,整体更像正常业务技能。但其核心执行面完全依赖一个无法公开验证来源的已登录 lx CLI,并把认证能力交给该黑箱二进制处理;依据强制规则,这构成高风险供应链与凭据转发问题,应判为 SUSPICIOUS/高风险而非确认恶意。

Confidence: 85%Severity: 84%
Audit Metadata
Analyzed At
May 20, 2026, 09:44 PM
Package URL
pkg:socket/skills-sh/tencent-lexiang%2Flexiang-cli%2Flx-entry%2F@bfefcb6f45b3221919550e7eb27db1e4157f5cca
Security Audit — socket — lx-entry