using-kisune
Warn
Audited by Socket on May 19, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the skill is mostly policy text, but it enforces broad mandatory downstream skill loading and creates a mutable transitive trust chain to external Kisune skills without visible pinning or integrity controls. No direct credential theft, exfiltration, or payload execution is present in this file, so this is not confirmed malware.
Confidence: 84%Severity: 64%
Audit Metadata