gangtise-copilot

Warn

Audited by Socket on May 18, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: the skill's purpose broadly matches its capabilities, and the credential validation flow appears to target official Gangtise endpoints, but trust is weakened because the wrapper comes from a third-party GitHub publisher, installs 19 additional remote skills, and uses unpinned downloads without integrity verification. This is better classified as a high supply-chain and transitive-trust risk than confirmed malware.

Confidence: 87%Severity: 76%
Audit Metadata
Analyzed At
May 18, 2026, 11:38 PM
Package URL
pkg:socket/skills-sh/daymade%2Fclaude-code-skills%2Fgangtise-copilot%2F@510b1edc5b1e60d9b1175f44d687f098e4d18530
Security Audit — socket — gangtise-copilot