nexus-submit-spec
Warn
Audited by Socket on May 30, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
SUSPICIOUS: the skill’s purpose and commands are internally coherent for a gated-spec submission workflow, but it depends on an unverifiable `probe` CLI for all sensitive actions. That unverifiable executable drives the main risk; absent public provenance for `probe`, this should be treated as high security risk rather than confirmed malware.
Confidence: 82%Severity: 78%
Audit Metadata