Skills
skills/sundial-org/awesome-openclaw-skills/refactor-assist/Socket

refactor-assist

Warn

Audited by Socket on Mar 23, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The skill's stated purpose mostly matches its behavior, but it relies on executing an external npm CLI via `npx` and forwarding `OPENAI_API_KEY` plus local code to that package and an external model API. The main risk is supply-chain and credential/data exposure, not clear malicious intent.

Confidence: 79%Severity: 58%
Audit Metadata
Analyzed At
Mar 23, 2026, 05:41 PM
Package URL
pkg:socket/skills-sh/sundial-org%2Fawesome-openclaw-skills%2Frefactor-assist%2F@8ec3a12679dddb2b9d648113d3d8933a4b64fdea