legal-manager

Warn

Audited by Socket on Apr 15, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

该技能的核心目的与大部分本地能力基本一致：法务归档、OCR、登记簿、提醒、统计都属于声明范围内。但其风险在于对敏感法律文件的“无确认自动执行”与“每次必须 webhook 推送”，使外部数据流超出最小必要范围。未见明确恶意窃密或可疑下载器，整体更像高风险自动化法务技能，而非确认恶意内容。

Confidence: 85%Severity: 74%

Audit Metadata

Analyzed At

Apr 15, 2026, 09:08 AM

Package URL

pkg:socket/skills-sh/casperliu7%2Fsmall-company-agent%2Flegal-manager%2F@ecedbd78a9c4b5ae195f186f31a7a51449297891