pixi
Audited by Socket on Feb 16, 2026
1 alert found:
Malware [Skill Scanner]: Pipe-to-shell or eval pattern detected

All findings:
- [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4]
- [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4]
- [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4]
- [CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4]
- [HIGH] command_injection: Reference to external script with install/setup context (SC005)
- [HIGH] command_injection: PowerShell execution detected (CI005) [AITech 9.1.4]
- [HIGH] command_injection: Reference to external script with install/setup context (SC005)

This document is a benign-looking user guide for a package manager/task runner. I found no direct malicious code in the text itself. However, there are supply-chain and operational risks: the recommended install method (curl | sh, irm | iex) and support for arbitrary extra-index/proxy URLs and activation scripts create plausible avenues for credential interception or arbitrary code execution if the remote installer, package indexes, or manifest sources are malicious or compromised. The capabilities described are consistent with the tool's purpose, but the documentation lacks security safeguards (installer verification, credential handling guidance). Treat the installer and any custom indexes/proxies as high-trust components; prefer verifying installer artifacts and using signed releases or distro packages where possible.

LLM verification: This skill file is documentation for a package manager and does not itself contain executable code, but it instructs users to run remote installers (curl | sh, PowerShell remote execution) and to use custom package indexes and proxies.
Those patterns are legitimate for installers but are high-risk from a supply-chain perspective because they allow arbitrary remote code execution and potential credential or package tampering. The presence (per scanner) of destructive shell commands in the materia