Skills
skills/skillsh/skills/prompt-engineering/Socket

prompt-engineering

Warn

Audited by Socket on Apr 16, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill’s main behavior is consistent with a prompt-engineering guide, but it relies on a remote-installed vendor CLI, forwards prompts/auth through that CLI, grants broad `infsh *` execution, and suggests installing additional skills. Same-org installer evidence lowers concern from malicious to medium-risk supply-chain and scope issues.

Confidence: 84%Severity: 58%
Audit Metadata
Analyzed At
Apr 16, 2026, 12:27 PM
Package URL
pkg:socket/skills-sh/skillsh%2Fskills%2Fprompt-engineering%2F@2de8ef55bf885f04cd51b2318f2533aecd60a7b1