cmdi-command-injection

Fail

Audited by Socket on Apr 10, 2026

1 alert found:

Malware
MalwareHIGH
SKILL.md

High-risk offensive security skill. Its capabilities match its stated purpose, but that purpose is to help an AI agent exploit command injection, establish reverse shells, and exfiltrate data via OOB channels; this is dangerous and inappropriate for general agent deployment.

Confidence: 95%Severity: 97%
Audit Metadata
Analyzed At
Apr 10, 2026, 06:21 AM
Package URL
pkg:socket/skills-sh/yaklang%2Fhack-skills%2Fcmdi-command-injection%2F@40aba7ad63cb16af7f44207d9364745d6fa8dd58
Security Audit — socket — cmdi-command-injection