vps

Warn

Audited by Socket on May 20, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: the skill’s purpose matches VPS management, but its trust chain does not. It requires an unverifiable `vps` CLI, forwards an API key to that opaque binary, and emits infrastructure secrets in JSON output; this is proportionate in function but not in install/auth trust.

Confidence: 84%Severity: 84%
Audit Metadata
Analyzed At
May 20, 2026, 05:16 AM
Package URL
pkg:socket/skills-sh/crafter-station%2Fvps-cli%2Fvps%2F@4de1f8f4ae429794367cb1bd304548dc4745382b
Security Audit — socket — vps