xss-methodology

Warn

Audited by Socket on Apr 22, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

该技能与其声明目的高度一致，但其目的本身是为 AI 代理提供可操作的 XSS 攻击方法论与绕过技巧。无供应链、凭据或隐蔽外传迹象，因此不像恶意窃密技能；但按 AI 代理安全标准，这类进攻性漏洞利用能力应判为高风险、可疑。

Confidence: 90%Severity: 82%

Audit Metadata

Analyzed At

Apr 22, 2026, 10:11 AM

Package URL

pkg:socket/skills-sh/wgpsec%2FAboutSecurity%2Fxss-methodology%2F@aeab8000f5fd82b6442887be0280f49e0be10934