Skills
skills/fal-ai-community/genmedia-cli/genmedia/Socket

genmedia

Warn

Audited by Socket on Apr 24, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: The workflow fits media generation, but its core dependency is an undocumented `genmedia` CLI whose provenance cannot be verified against fal’s official tooling. Because an unverifiable external binary likely receives API credentials and handles uploads/downloads, the skill carries high supply-chain and credential-forwarding risk despite otherwise plausible purpose alignment.

Confidence: 86%Severity: 84%
Audit Metadata
Analyzed At
Apr 24, 2026, 07:09 AM
Package URL
pkg:socket/skills-sh/fal-ai-community%2Fgenmedia-cli%2Fgenmedia%2F@bdd795d585466a4be99b9caab7d9858592be4ac0