build
Warn
Audited by Socket on May 18, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
The skill is largely aligned with its stated Solana/Helius purpose and routes data to expected Helius endpoints, so it does not look malicious. The main risk is operational: it encourages installing external npm-based MCP/CLI tools and enables autonomous financial/on-chain actions such as signup payments, transfers, and billing changes, which makes it high-risk to grant an agent without strict user approval gates.
Confidence: 86%Severity: 72%
Audit Metadata