Skills
skills/deveshpunjabi/modern-frontend-skill/modern-frontend-design/Socket

modern-frontend-design

Warn

Audited by Socket on Mar 20, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The core content is a benign frontend design guide, and its capabilities align with that purpose. The main risk is the embedded transitive install instruction (`npx skills add ...`), which uses an official CLI but still asks the agent to fetch and trust additional remote skill content from GitHub; that install-trust exposure is unnecessary for a pure design-reference skill. No credential harvesting, exfiltration, or malicious data flows are present.

Confidence: 92%Severity: 53%
Audit Metadata
Analyzed At
Mar 20, 2026, 09:10 PM
Package URL
pkg:socket/skills-sh/deveshpunjabi%2Fmodern-frontend-skill%2Fmodern-frontend-design%2F@4f012f0df60bbd8a916bfabd17deb916c28e606e