Skills
skills/manavarya09/design-extract/extract-design/Socket

extract-design

Warn

Audited by Socket on Apr 15, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The skill’s behavior broadly matches its stated purpose, but it delegates core functionality to a personal third-party npm CLI and processes arbitrary external web content with Bash/Write available. This is more a supply-chain and untrusted-content risk than evidence of malicious intent; no credential requests, exfiltration endpoints, or disproportionate access are present.

Confidence: 82%Severity: 56%
Audit Metadata
Analyzed At
Apr 15, 2026, 11:54 AM
Package URL
pkg:socket/skills-sh/Manavarya09%2Fdesign-extract%2Fextract-design%2F@46669b37440bfd2819363fd950633283d2af1f22