Skills
skills/ingpoc/skills/initialization/Socket

initialization

Warn

Audited by Socket on Apr 26, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the stated purpose matches project initialization, but the skill’s real footprint depends on opaque local scripts and transitive loading of other skills, especially for MCP and hook setup. No direct credential theft or malicious exfiltration is visible, yet install trust is only partially verifiable, so this is medium risk rather than benign.

Confidence: 82%Severity: 57%
Audit Metadata
Analyzed At
Apr 26, 2026, 09:24 AM
Package URL
pkg:socket/skills-sh/ingpoc%2Fskills%2Finitialization%2F@7a0f5d75f71881f81dd92b1d9fc518c9ac116c8b