js-api-extract

Warn

Audited by Socket on Apr 22, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

该技能与其声明目的基本一致，但其目的本身是为 API 渗透测试提供侦察与端点挖掘能力，属于不应赋予通用 AI 代理的高风险安全/攻击工具。未见明显恶意植入、凭证外传代理或可疑安装链，因此更像高风险 offensive skill，而非恶意软件。

Confidence: 93%Severity: 83%

Audit Metadata

Analyzed At

Apr 22, 2026, 07:59 AM

Package URL

pkg:socket/skills-sh/wgpsec%2FAboutSecurity%2Fjs-api-extract%2F@122c970a913088f1cedad2d839fc70f9dd7fd2cb