Skills
skills/aradotso/data-skills/harvard-art-museums-data-pipeline/Socket

harvard-art-museums-data-pipeline

Warn

Audited by Socket on May 25, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill’s functionality is broadly aligned with its stated museum ETL purpose and uses official Harvard API endpoints, but trust is weakened by a publisher mismatch and installation from a personal GitHub repo with weak provenance and inconsistent packaging. Overall this looks like a plausible data-engineering demo with moderate supply-chain and SQL-construction risk, not confirmed malware.

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
May 25, 2026, 05:45 AM
Package URL
pkg:socket/skills-sh/Aradotso%2Fdata-skills%2Fharvard-art-museums-data-pipeline%2F@8324ed3f5115c5f9e36640e69e24d69f1d3c1d0b
Security Audit — socket — harvard-art-museums-data-pipeline