client-update

Warn

Audited by Socket on May 19, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The core workflow matches the stated purpose, but the skill enables autonomous outbound client communication and routes WhatsApp messages through a third-party intermediary. The biggest concerns are real-world action authority, embedded personal contact data, and unclear Gmail MCP provenance rather than overt malware behavior.

Confidence: 86%Severity: 62%
Audit Metadata
Analyzed At
May 19, 2026, 11:31 AM
Package URL
pkg:socket/skills-sh/HermeticOrmus%2Fhermetic-claude%2Fclient-update%2F@d0d7764009088fdee574f0e929634c5238e268bc
Security Audit — socket — client-update