prompt-injection

Warn

Audited by Socket on May 4, 2026

1 alert found:

Security: MEDIUM
SKILL.md

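This skill is highly consistent with its stated purpose, but that purpose is itself to teach offensive methods for carrying out indirect injection, tool abuse, and data exfiltration against AI/agents. There are no obvious supply-chain or credential-forwarding issues, but as an offensive security skill aimed at AI agents, it should overall be judged high-risk and suspicious rather than confirmed malicious.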

Confidence: 93%
Severity: 82%
Audit Metadata
Analyzed At: May 4, 2026, 08:16 AM
Package URL: pkg:socket/skills-sh/wgpsec%2FAboutSecurity%2Fprompt-injection%2F@6f7a67a90a96ac979d72a702fba2c26f2fcd5e5a