perfectpixel

Warn

Audited by Socket on Jun 30, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill’s stated purpose matches sprite generation, but it relies on a shell-installed external CLI, mutable versioning, and credential forwarding to that CLI. Same-repo source visibility prevents a malicious classification, yet install-trust and provider data-flow ambiguity keep the security risk in the medium range.

Confidence: 80%Severity: 62%
Audit Metadata
Analyzed At
Jun 30, 2026, 04:50 AM
Package URL
pkg:socket/skills-sh/akillness%2Fjeo-skills%2Fperfectpixel%2F@ae1dc47e49db4ce2ae8a3ed26060532454ccb3a0d6dddf83b0bb2b3c24f0f05c
Security Audit — socket — perfectpixel