coliseum-orchestrator

Warn

Audited by Socket on Jun 16, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill’s orchestration purpose largely matches its behavior, and it does not show direct credential theft, exfiltration, or malicious payload execution. The main risk is transitive trust: it autonomously dispatches to multiple unverified sub-skills/agents with broad tool access, including Bash, without providing provenance or version controls for those dependencies.

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
Jun 16, 2026, 12:04 PM
Package URL
pkg:socket/skills-sh/4444j99%2Fa-i--skills%2Fcoliseum-orchestrator%2F@37a0c04c7b65e028ae5aad9d2592ef75a71e2b835fdb6ff0d2f4a80c4519609b
Security Audit — socket — coliseum-orchestrator