skills/yaklang/hack-skills/api-auth-and-jwt-abuse/Socket

api-auth-and-jwt-abuse

Warn

Audited by Socket on Apr 8, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

SUSPICIOUS. The skill is internally consistent and does not show supply-chain or exfiltration behavior, but it is an offensive API/JWT abuse playbook for an AI agent. Risk is driven by enabling active security testing and bypass techniques, not by malware-like behavior.

Confidence: 92%Severity: 74%

Audit Metadata

Analyzed At

Apr 8, 2026, 05:24 AM

Package URL

pkg:socket/skills-sh/yaklang%2Fhack-skills%2Fapi-auth-and-jwt-abuse%2F@06ca4a6bd6f7c27ffaded82cec91a0fac3448010