init-claude-code-statusline
Warn
Audited by Socket on Mar 19, 2026
1 alert found:
Anomaly (LOW): templates/settings.json
This JSON by itself is not an explicit malware payload but constitutes a high-risk execution vector: it instructs the consumer to run a local shell script from a relative, hidden path without integrity or provenance checks. The main threat is supply-chain tampering or local file replacement leading to arbitrary code execution and potential data exfiltration. Recommend auditing the .claude/statusline.sh contents and provenance, enforcing integrity checks (hash/signature), using absolute vetted binaries or sandboxed execution, and restricting which directories may contain executable scripts.
Confidence: 75%
Severity: 55%