agentic-workflow
Warn
Audited by Socket on Mar 6, 2026
1 alert found:
Anomaly (LOW): SKILL.md
The skill targets productivity and multi-agent orchestration, but it embeds risky patterns such as a curl|bash installer and unverified external tooling in its container/build context. This elevates supply-chain and data-exposure risk if adopted without safeguards. Recommended hardening includes replacing curl|sh with pinned installers or package managers with integrity checks, using secret vaults for API keys, enabling multi-stage builds, and auditing MCP tool access to minimize untrusted code execution. Overall, risk is moderate-to-high depending on usage.
Confidence: 68%
Severity: 65%
Audit Metadata