website-screenshot-notte

Warn

Audited by Socket on Jul 2, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the core purpose is coherent, and the CLI install appears to come from an official source, but the skill routes screenshot operations and credentials through a Gooseworks proxy, reads raw local credential files, and allows arbitrary URL navigation. This is not clearly malicious, yet the proxy-centric data flow and credential handling are broader than a simple website screenshot skill needs.

Confidence: 84%Severity: 61%
Audit Metadata
Analyzed At
Jul 2, 2026, 06:17 AM
Package URL
pkg:socket/skills-sh/athina-ai%2Fgoose-skills%2Fwebsite-screenshot-notte%2F@6467e68fd6c43ccba4e087822085018e2dba753d8f56bfcd8af981b18289a8cf
Security Audit — socket — website-screenshot-notte