lobotomized-claude-code-update
Warn
Audited by Socket on Jun 17, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The skill is coherent with its stated purpose as a guarded updater for a customized Claude Code stack, and its Stage 1/Stage 2 approval flow is a meaningful safety control. However, it installs/updates and then builds and executes a personal-repo patcher that modifies the Claude binary, creating medium supply-chain and local execution risk even though the repo is public and purpose-aligned. No clear credential harvesting or exfiltration path is evident, so this is not confirmed malware, but it is riskier than a normal documentation or maintenance skill.
Confidence: 100%Severity: 60%
Audit Metadata