Skills
skills/bytedance/agentkit-samples/byted-data-deepresearch-structured2markdown/Socket

byted-data-deepresearch-structured2markdown

Warn

Audited by Socket on Apr 13, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS. 技能目标与“表格转 Markdown”总体一致,Volcengine SDK 安装源也基本可信;但核心 data2md.py 脚本来源不可验证,并且技能会向该本地脚本转交 AK/SK 与文件数据。再叠加隐藏中间执行细节和命令行凭证传递,整体风险偏高,虽未达到确认恶意。

Confidence: 87%Severity: 81%
Audit Metadata
Analyzed At
Apr 13, 2026, 10:47 AM
Package URL
pkg:socket/skills-sh/bytedance%2Fagentkit-samples%2Fbyted-data-deepresearch-structured2markdown%2F@9010b6580f190203202b2bdaf59616e002040448