skills/webmaxru/enonic-agent-skills/enonic-controller-generator/Socket

enonic-controller-generator

Warn

Audited by Socket on May 4, 2026

1 alert found:

Anomaly

Anomalyreferences/examples.md

LOW

AnomalyLOW

references/examples.md

The module is mostly standard Enonic XP CMS-driven rendering, but it contains a significant security concern: a response processor unconditionally injects an external third-party JavaScript file into every rendered page. While this may be intended for analytics, it creates a high-impact client-side dependency without visible integrity/allowlist/CSP controls in this snippet. No clear malware/backdoor logic is evident beyond this remote script inclusion.

Confidence: 72%Severity: 65%

Audit Metadata

Analyzed At

May 4, 2026, 08:32 AM

Package URL

pkg:socket/skills-sh/webmaxru%2Fenonic-agent-skills%2Fenonic-controller-generator%2F@6937fb74c7fdf3faddb29c8f96bfb80a806ebe79