NYC

monorepo-tooling

Fail

Audited by Socket on Feb 15, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Instruction directing agent to run/execute external content

All findings:
[CRITICAL] command_injection: Instruction directing agent to run/execute external content (CI011) [AITech 9.1.4]
[CRITICAL] command_injection: Instruction directing agent to run/execute external content (CI011) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Instruction directing agent to run/execute external content (CI011) [AITech 9.1.4]
[CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4]
[CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]

The content is a documentation-centric guide detailing monorepo tooling options, configurations, and best practices. It includes placeholders for credentials and standard tooling commands. No evidence of data exfiltration, credential harvesting, or malicious behavior. Ensure placeholders are not committed as secrets and that users follow secure secret management practices.

LLM verification: This file is documentation for monorepo tooling and contains expected configuration and command examples. I found no direct evidence of embedded malware or obfuscated/backdoor code in the provided content. However, it contains several risky patterns that can lead to supply-chain or operational harm if followed without care: unpinned dependency installs, instructions that encourage storing tokens in config files, and destructive shell commands shown in examples. Recommend: (1) avoid committing se

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At
Feb 15, 2026, 09:23 PM
Package URL
pkg:socket/skills-sh/thebushidocollective%2Fhan%2Fmonorepo-tooling%2F@67e4611f69c9bbc1be217d4e4f83dbee4593f7ff