Skills
skills/hotriluan/alkana-dashboard/mcp-management/Socket

mcp-management

Warn

Audited by Socket on Mar 29, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill’s core behavior fits its stated MCP-management purpose, but the recommended Gemini CLI install command does not match the publisher’s official package name, creating a meaningful supply-chain trust issue. Data flows are mostly proportionate to MCP orchestration, yet delegating tool execution to an external AI CLI with auto-confirmation raises additional operational risk.

Confidence: 87%Severity: 56%
Audit Metadata
Analyzed At
Mar 29, 2026, 03:20 AM
Package URL
pkg:socket/skills-sh/hotriluan%2Falkana-dashboard%2Fmcp-management%2F@1e2fc597e4c0c9d56565b0741ea336e643f2d932