build

Warn

Audited by Socket on May 18, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

The skill is largely aligned with its stated Solana/Helius purpose and routes data to expected Helius endpoints, so it does not look malicious. The main risk is operational: it encourages installing external npm-based MCP/CLI tools and enables autonomous financial/on-chain actions such as signup payments, transfers, and billing changes, which makes it high-risk to grant an agent without strict user approval gates.

Confidence: 86%Severity: 72%
Audit Metadata
Analyzed At
May 18, 2026, 04:18 PM
Package URL
pkg:socket/skills-sh/helius-labs%2Fcore-ai%2Fbuild%2F@49993b17c28681214cf15fb3546c9f76ba1a8104
Security Audit — socket — build