yao-websecurity-skill

Warn

Audited by Socket on May 18, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: the skill is internally coherent for a security-audit purpose and does not show obvious credential theft or exfiltration paths, but it grants an AI agent high-risk offensive security capabilities and processes untrusted external targets with command-capable workflows. Main concern is capability class and active testing scope, not clear malware behavior.

Confidence: 88%Severity: 76%
Audit Metadata
Analyzed At
May 18, 2026, 05:47 AM
Package URL
pkg:socket/skills-sh/yaojingang%2Fyao-open-skills%2Fyao-websecurity-skill%2F@24d2d93bf79de04b815ffe6ef2b3693e2fc96083
Security Audit — socket — yao-websecurity-skill