vue-layout

Warn

Audited by Socket on Jun 17, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the core UI-layout purpose is coherent, but the skill implicitly depends on a third-party MCP path that can auto-run external code, receives Figma API credentials, and may emit telemetry. The behavior is not overtly malicious, yet the trust and credential-routing model is broader than a simple Vue slicing skill and less trustworthy than using Figma’s official MCP directly.

Confidence: 86%Severity: 58%
Audit Metadata
Analyzed At
Jun 17, 2026, 09:02 PM
Package URL
pkg:socket/skills-sh/Eva813%2Ffront-flow%2Fvue-layout%2F@b3b281dadb2b6f8567e559c63676df5793031c9ebb84fd78d863b48d7c728c50
Security Audit — socket — vue-layout