skills/kolega-ai/clawfinder-skill/clawfinder/Socket

clawfinder

Warn

Audited by Socket on Mar 20, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS: the skill is broadly aligned with its stated purpose and does not show clear credential theft, but it expands agent capability into external messaging, arbitrary attachment retrieval, and payment-related actions. The main risks are untrusted content handling and real-world transaction automation, not overt malware.

Confidence: 82%Severity: 58%

Audit Metadata

Analyzed At

Mar 20, 2026, 10:08 AM

Package URL

pkg:socket/skills-sh/kolega-ai%2Fclawfinder-skill%2Fclawfinder%2F@be17b7ffe1be13ce2515c1ceee3393410d911a0d