xiaomi-cam-snapshot

Warn

Audited by Socket on Mar 17, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

该技能目的与能力基本一致：通过本地服务获取小米摄像头截图。但其核心依赖第三方 Docker 后端处理账号认证和摄像头访问，且使用可变 dev 镜像标签，存在中等偏高的供应链与凭据暴露风险。未见明确恶意或外传到已知窃取端点的证据，更适合判定为可疑但非确认恶意。

Confidence: 78%Severity: 62%

Audit Metadata

Analyzed At

Mar 17, 2026, 01:39 PM

Package URL

pkg:socket/skills-sh/tiancheng91%2Fskills%2Fxiaomi-cam-snapshot%2F@8754ad2e0321fd52039a8cc6c70d810add833c4e