skills/aradotso/design-skills/meigen-ai-design-mcp/Socket

meigen-ai-design-mcp

Warn

Audited by Socket on May 18, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS: the core capabilities fit an AI design skill, but the trust footprint is broader than a simple prompt helper. It installs transitive marketplace components, executes a remote CLI via `npx`, forwards API keys through that tool, and uploads local images to cloud services. The behavior is mostly purpose-aligned, so this is not confirmed malware, but provenance and credential-routing risks make it a medium-risk skill.

Confidence: 82%Severity: 62%

Audit Metadata

Analyzed At

May 18, 2026, 12:14 PM

Package URL

pkg:socket/skills-sh/Aradotso%2Fdesign-skills%2Fmeigen-ai-design-mcp%2F@4ae3b030a8927fa6dff0af4a0d2f8ec957dfa3ff