haizei-cyberpunk-terminal-ppt

Warn

Audited by Socket on Jul 7, 2026

1 alert found:

Anomaly
AnomalyLOW
scripts/render-ppt.mjs

No explicit signs of embedded malware (e.g., stealer/backdoor/exfiltration) are visible in this module. However, the script has meaningful security risk in practice: it executes automation against an attacker-supplied URL in a headless browser launched with '--no-sandbox' and it writes raw untrusted remote outerHTML directly to local HTML files without sanitization. Additionally, user-controlled '--browser' and '--out' increase operational blast radius (arbitrary binary selection and potential unintended filesystem writes if paths are not constrained).

Confidence: 62%Severity: 52%
Audit Metadata
Analyzed At
Jul 7, 2026, 11:10 AM
Package URL
pkg:socket/skills-sh/wuchubuzai2018%2Fexpert-skills-hub%2Fhaizei-cyberpunk-terminal-ppt%2F@d3a7b7b201a6f21ce466388bda4a7e1201c807755c5c583e13259f7aba9bbaff
Security Audit — socket — haizei-cyberpunk-terminal-ppt