claude-code-marketplace

Warn

Audited by Socket on Mar 19, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

总体偏可疑而非恶意。核心文件读写与版本/日志维护目的基本一致，但该技能还要求在 README 中维护并推广 `npx skills add` 安装第三方 GitHub skill 的命令，带来明显的转安装与供应链风险；未见凭据收集、数据外传或隐藏行为。

Confidence: 88%Severity: 58%

Audit Metadata

Analyzed At

Mar 19, 2026, 01:45 PM

Package URL

pkg:socket/skills-sh/ruan-cat%2Fmonorepo%2Fclaude-code-marketplace%2F@e46ca484be05b143f789e5ec1756a8ef6f94efdc