skills/fal-ai-community/skills/ugc/Socket

ugc

Warn

Audited by Socket on May 9, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

SUSPICIOUS. The skill’s behavior matches its stated UGC-production purpose, and its network/media flows are proportionate. The main issue is install/execution trust: it relies on an external `genmedia` CLI distributed through official documentation but via unpinned remote-script install, with insufficient public verification evidence. This is high supply-chain risk, not confirmed malware.

Confidence: 86%Severity: 78%

Audit Metadata

Analyzed At

May 9, 2026, 08:31 AM

Package URL

pkg:socket/skills-sh/fal-ai-community%2Fskills%2Fugc%2F@43ee0da6bedc57ea80bb6b6f6457cceffcd8caa6