Skills
skills/tanweai/pua/pua-ja/Socket

pua-ja

Warn

Audited by Socket on Mar 23, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill is not a credential stealer or installer-based payload, but its actual footprint is broader than a simple coaching/debugging aid. It normalizes high-autonomy behavior across all tasks, encourages processing untrusted external content before consulting the user, and propagates this pattern across agent teams, creating meaningful operational and prompt-injection risk.

Confidence: 87%Severity: 69%
Audit Metadata
Analyzed At
Mar 23, 2026, 07:57 AM
Package URL
pkg:socket/skills-sh/tanweai%2Fpua%2Fpua-ja%2F@7b83849f1679802e8a059814a320e37a2fbdc8c4