cors-misconfiguration

Warn

Audited by Socket on Apr 22, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

该技能与其“exploit”声明一致，但其实际用途是帮助 AI 代理实施 CORS 漏洞利用并将敏感数据外传到攻击者域名，属于高风险 offensive security 能力。未见供应链或混淆迹象，但攻击与数据窃取意图明确，应归为高风险可滥用技能而非普通文档。

Confidence: 96%Severity: 90%

Audit Metadata

Analyzed At

Apr 22, 2026, 10:09 AM

Package URL

pkg:socket/skills-sh/wgpsec%2FAboutSecurity%2Fcors-misconfiguration%2F@d36ab123c5a6df92eb7010165f0e2eef6f07c657