llm-models
Warn
Audited by Socket on Jul 7, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
SUSPICIOUS: the stated purpose is plausible, but the skill’s footprint relies on a third-party CLI, mutable install instructions, and transitive skill installation with broad belt command permission. This looks more like a platform bootstrapper than a narrowly scoped model-access skill, so the install-trust and transitive-trust risks outweigh otherwise coherent functionality.
Confidence: 84%Severity: 76%
Audit Metadata