skills/yigitkonur/skills-by-yigitkonur/build-kernel-ts-sdk/Socket

build-kernel-ts-sdk

Warn

Audited by Socket on May 17, 2026

1 alert found:

Anomaly

Anomalyscripts/scaffold-kernel-app.sh

LOW

AnomalyLOW

scripts/scaffold-kernel-app.sh

This scaffold script itself shows no strong evidence of overt malware (no eval/obfuscation, no credential theft, no persistence, no explicit data exfiltration). However, it generates code that enables high-privilege remote browser control via CDP, uses stealth automation, and in deploy mode accepts an arbitrary, unvalidated URL payload for `page.goto`. The dominant risk is misuse/abuse potential (SSRF-like/internal probing depending on runtime environment) and supply-chain drift from dynamically generated “latest” dependency ranges.

Confidence: 68%Severity: 56%

Audit Metadata

Analyzed At

May 17, 2026, 10:42 PM

Package URL

pkg:socket/skills-sh/yigitkonur%2Fskills-by-yigitkonur%2Fbuild-kernel-ts-sdk%2F@06bb6c37371fc48430a05b4b61fc292d4de83558