Skills
skills/yigitkonur/skills-by-yigitkonur/build-skills/Socket

build-skills

Warn

Audited by Socket on Mar 13, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: the stated purpose is coherent, but the skill materially expands trust boundaries by pulling in untrusted remote skill content and using it to shape local file-writing decisions. The biggest issue is indirect prompt-injection exposure during remote research, plus moderate supply-chain risk from the unspecified skill-dl/tooling path.

Confidence: 85%Severity: 76%
Audit Metadata
Analyzed At
Mar 13, 2026, 02:32 PM
Package URL
pkg:socket/skills-sh/yigitkonur%2Fskills-by-yigitkonur%2Fbuild-skills%2F@356082bf37e455c41325c5cac6d9ce48b62dd714