skills/socketdev/skills/socket-fix/Gen Agent Trust Hub

socket-fix

Fail

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill files (SKILL.md and socket-dep-upgrade/SKILL.md) contain a hardcoded API token (sktsec_t_--RAN5U4ivauy4w37-6aoKyYPDt5ZbaT5JBVMqiwKo_api). Although documented as a public demo token for limited CLI access, hardcoding functional security tokens within instructions is a violation of credential management best practices.
  • [REMOTE_CODE_EXECUTION]: The socket-dep-patch skill instructs users to install a utility by piping a script from a remote GitHub repository directly to the shell (curl ... | sh). This execution method poses a high risk if the remote source or delivery path is compromised.
  • [EXTERNAL_DOWNLOADS]: The skill downloads and executes various external tools and configurations from vendor-owned repositories and the npm registry, including the socket and socket-patch command-line utilities.
  • [COMMAND_EXECUTION]: The skill uses npx and system-level package managers to execute security tools and modify project dependencies, involving operations like installing packages and running code fixing utilities.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted dependency manifest files (e.g., package.json, requirements.txt) and external JSON scan results to automate source code modifications.
      • Ingestion points: Project manifest files and results from the socket fix tool.
      • Boundary markers: None identified in the instructional prompts.
      • Capability inventory: Shell command execution, package installation, and automated rewriting of import statements and API calls across the codebase.
      • Sanitization: No validation or escaping of external data is present before it is used to drive code refactoring logic.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 25, 2026, 03:35 AM