when-mapping-dependencies-use-dependency-mapper

Warn

Audited by Socket on Jun 26, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The core purpose and capabilities are mostly coherent for a dependency-mapping skill, and there is no explicit malware pattern or dangerous installer. The main concern is trust expansion to third-party tooling: claude-flow@alpha is not an official Claude Code dependency, and the MCP/subagent components lack verifiable endpoint and data-flow details. This is best classified as medium risk due to external-tool provenance and unspecified outbound data handling, not confirmed malicious behavior.

Confidence: 84%Severity: 57%
Audit Metadata
Analyzed At
Jun 26, 2026, 03:22 AM
Package URL
pkg:socket/skills-sh/DNYoussef%2Fai-chrome-extension%2Fwhen-mapping-dependencies-use-dependency-mapper%2F@5d2e5e0fb753b5845a0dfe2045652113dabccb1f455955e59e8e7d68212fe2c0
Security Audit — socket — when-mapping-dependencies-use-dependency-mapper