skills/willbooster/agent-skills/review-codex/Socket

review-codex

Warn

Audited by Socket on Apr 11, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS: the stated purpose is plausible, but the skill is mostly a wrapper that runs unpinned third-party code with broad `bunx` shell permission. The main concern is supply-chain and delegated data flow risk, not confirmed malware.

Confidence: 79%Severity: 58%

Audit Metadata

Analyzed At

Apr 11, 2026, 12:50 AM

Package URL

pkg:socket/skills-sh/WillBooster%2Fagent-skills%2Freview-codex%2F@11109bbc5bccd45fb9fcc335716e1d32eccc80f4