skills/jssfy/k-skills/field-books-survey/Socket

field-books-survey

Warn

Audited by Socket on Mar 20, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

该技能整体目的与能力基本一致：做学科调研、整理书单、写本地文档。未见安装第三方可执行文件、凭证请求或外传通道，因此不像恶意或窃密技能。但它会大规模处理不受信任网页内容，同时拥有 Agent、Write、Bash，并默认自动递归执行深度分析，存在明显的间接提示注入与过度自动化风险。综合判定为 SUSPICIOUS，而非 MALICIOUS。

Confidence: 88%Severity: 66%

Audit Metadata

Analyzed At

Mar 20, 2026, 02:22 PM

Package URL

pkg:socket/skills-sh/jssfy%2Fk-skills%2Ffield-books-survey%2F@aa1bac976b1b3de7788818f0ef992d731d57fad2