create-slash-commands

Warn

Audited by Socket on Mar 3, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

The fragment is a coherent, benign design/spec for slash-command generation with XML structure and dynamic-context capabilities. It does not itself perform any I/O, credential handling, or network activity. The main concern is proper implementation discipline in downstream tooling to ensure that dynamic-state usage (bash commands, file references) is sandboxed and restricted to safe contexts. Overall security risk is low when used as documented, but downstream execution of dynamic-context patterns should be guarded.

Confidence: 75%Severity: 75%
Audit Metadata
Analyzed At
Mar 3, 2026, 04:44 PM
Package URL
pkg:socket/skills-sh/mattjefferson%2Fagents%2Fcreate-slash-commands%2F@29fc8a067e5808f7b7dba88ae00bf5e6593bee51