Skills
skills/ruoji6/java-audit-skills/java-audit-pipeline/Socket

java-audit-pipeline

Warn

Audited by Socket on Mar 14, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: The skill is internally consistent as a Java security-audit pipeline and does not show credential theft, remote exfiltration, or malicious installer behavior. However, it gives an AI agent substantial autonomous offensive-security capability and transitive trust in multiple local sub-skills, so the overall risk is high despite low evidence of malware.

Confidence: 87%Severity: 76%
Audit Metadata
Analyzed At
Mar 14, 2026, 02:20 PM
Package URL
pkg:socket/skills-sh/RuoJi6%2Fjava-audit-skills%2Fjava-audit-pipeline%2F@1a0d64c3562fb87354b3f600a240dedd83aca602