Skills
skills/mksglu/context-mode/ctx-upgrade/Socket

ctx-upgrade

Warn

Audited by Socket on Mar 21, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill's capabilities broadly match its purpose as a local upgrader, but it delegates powerful upgrade/install behavior to an unseen CLI that pulls from GitHub and modifies global/npm/hook state. The main concern is install-trust and opaque downstream actions, not clear evidence of credential theft or malicious exfiltration.

Confidence: 78%Severity: 58%
Audit Metadata
Analyzed At
Mar 21, 2026, 08:39 PM
Package URL
pkg:socket/skills-sh/mksglu%2Fcontext-mode%2Fctx-upgrade%2F@f1f6f9890320c870785987a8b989e2a63d268bcc