Skills
skills/galiais/ctf-sandbox-orchestrator/competition-request-normalization-smuggling/Socket

competition-request-normalization-smuggling

Warn

Audited by Socket on Mar 31, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

该技能与其声明用途一致,但用途本身是为AI代理提供请求走私和HTTP解析差异利用方法,属于高风险进攻性安全技能。未见明显供应链、凭证窃取或外传通道,但存在内部技能链依赖与可被代理转化为主动测试的现实风险;应归类为 SUSPICIOUS。

Confidence: 90%Severity: 82%
Audit Metadata
Analyzed At
Mar 31, 2026, 12:17 PM
Package URL
pkg:socket/skills-sh/GALIAIS%2FCTF-Sandbox-Orchestrator%2Fcompetition-request-normalization-smuggling%2F@131e53509b7bf833f1d9bdbb82c6f594c4ffb119