Trusted
Security Findings(1)
Suspicious npm/pip package install
highSkill instructs installation of a non-standard package. Verify the package name.
npm install -g package-name
Verify this package exists on the official registry and is the intended package.
malware-deliverySK-014
Score Breakdown
Code Analysis80/100 (30%)
Dependency Health65/100 (20%)
Permission Safety100/100 (20%)
Behavioral Stability80/100 (15%)
Transparency70/100 (15%)
Skill Info
- Trust Level
- trusted
- File Type
- skill.md
- Platform
- Cursor
- Scope
- project
- Source
- github
- Content Hash
- 2a6c46a1188c...
- Last Scanned
- 2/23/2026