skills/wenjunduan/rlues/vibe-dev/Socket

vibe-dev

Warn

Audited by Socket on May 2, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

该技能表面上是工作流入口，直接行为较少，但其核心价值在于把控制权交给未披露的 riper-pace/PACE/RIPER 链路。主要问题不是当前文件本身恶意，而是传递信任和未验证下游能力导致的中等偏高风险；更适合判为 SUSPICIOUS 而非确认恶意。

Confidence: 84%Severity: 64%

Audit Metadata

Analyzed At

May 2, 2026, 10:39 PM

Package URL

pkg:socket/skills-sh/WenJunDuan%2FRlues%2Fvibe-dev%2F@1ee5c8d9f5fbd3be01b3a71f67f75631ecff37fa