monskill

Fail

Audited by Socket on Jun 30, 2026

5 alerts found:

Securityx2Anomalyx2Obfuscated File
SecurityMEDIUM
scaffold/SKILL.md
AnomalyLOW
index.html

No clear malicious payload is present in the provided fragment: it is a UI-only page that performs localization, tab navigation, an ASCII/GSAP animation, and a user-initiated click-to-copy feature. The primary risk signals are supply-chain/tracking exposure due to third-party CDN script execution (including a telemetry/insights script without visible integrity attributes in this snippet) and the inherent sensitivity of clipboard-writing behavior. Additional unseen code (helper functions and any earlier/truncated portion) could change risk, but the shown fragment itself does not demonstrate backdoor, exfiltration, or credential theft behavior.

Confidence: 60%Severity: 56%
SecurityMEDIUM
wallet/SKILL.md
Obfuscated FileHIGH
concepts/references/reserve-balance.md

The text describes a protocol-level reserve-balance policy with explicit rules affecting transaction eligibility and fund safety. There is no code to review for malware; the primary security concerns are correctness, edge-case handling (emptying exception, delegated accounts), and timing/race conditions across a 3-block window. Proper formal verification and safe-default handling are required to prevent funds becoming stuck or exploited. Overall risk arises from misimplementation rather than malicious code in this fragment.

Confidence: 90%
AnomalyLOW
hooks/hooks.json

This module is a dispatcher that executes three external shell scripts during PreToolUse. The fragment itself shows no explicit malware or data exfiltration logic, but it creates a substantial supply-chain risk by delegating security-critical behavior (auth gating and provenance marking) to unseen scripts and by relying on ${CLAUDE_PLUGIN_ROOT} for script path integrity. Review the referenced .sh files and ensure ${CLAUDE_PLUGIN_ROOT} cannot be tampered with at runtime; otherwise the hooks can become an arbitrary code execution vector.

Confidence: 46%Severity: 55%
Audit Metadata
Analyzed At
Jun 30, 2026, 10:02 PM
Package URL
pkg:socket/skills-sh/therealharpaljadeja%2FMonskills%2Fmonskill%2F@f55923c3d6632e596640321dd43dcd40125f388f
Security Audit — socket — monskill