Skills
skills/jwiegley/claude-prompts/forge/Socket

forge

Warn

Audited by Socket on Mar 13, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The skill’s capabilities mostly match its stated purpose, but its footprint is broad. The main concerns are external transmission of repository content to partner models, use of a bypassPermissions subagent for code changes, and prompt-injection exposure from analyzing untrusted project content before taking actions. No clear malware or overt credential theft behavior is present.

Confidence: 88%Severity: 64%
Audit Metadata
Analyzed At
Mar 13, 2026, 03:04 PM
Package URL
pkg:socket/skills-sh/jwiegley%2Fclaude-prompts%2Fforge%2F@263e52899ba725a6c422b876c789e98e215d48c7