skills/cat-xierluo/legal-skills/tingwu-asr/Socket

tingwu-asr

Warn

Audited by Socket on Apr 23, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

该技能整体目的与能力基本一致：云端转录需要上传媒体并访问阿里云接口，未见明显恶意窃取或外传到无关第三方域名。主要风险在于它绕过官方 OpenAPI，改用网页 Cookie 和逆向 REST 接口，并鼓励保存账号密码/Cookie 与自动签到；这更像高风险的非官方集成，而非确认恶意。综合判断为 SUSPICIOUS。

Confidence: 88%Severity: 68%

Audit Metadata

Analyzed At

Apr 23, 2026, 02:18 AM

Package URL

pkg:socket/skills-sh/cat-xierluo%2Flegal-skills%2Ftingwu-asr%2F@3dc9505322d000f78f7987124c78153fb7e44d2a