find-skills
Warn
Audited by Socket on Apr 7, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
该技能的声明用途与功能基本一致,但核心行为是从外部注册表安装其他技能与 CLI,带来明显的供应链和转移信任风险。未见直接窃密或异常数据外传证据,因此更适合判定为 suspicious/high-risk vulnerable,而非 confirmed malware。
Confidence: 82%Severity: 74%
Audit Metadata