Skills
skills/horizon-continental/hct-skills/vscode-cc-login-free/Socket

vscode-cc-login-free

Warn

Audited by Socket on Apr 13, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS。该技能目的与其本地文件读写能力基本相关,但核心价值是绕过插件正常登录并复制认证令牌,还鼓励同步危险权限设置。未见明显外传或恶意下载,故不像确认恶意;但在缺少 configure.py 源码时,令牌处理与权限放宽使其整体风险中等偏高。

Confidence: 80%Severity: 58%
Audit Metadata
Analyzed At
Apr 13, 2026, 07:16 AM
Package URL
pkg:socket/skills-sh/horizon-continental%2Fhct-skills%2Fvscode-cc-login-free%2F@0d5c6c3dbf00d7a3d120b2701106e854f71de79a