publish-social
Warn
Audited by Socket on Jul 4, 2026
2 alerts found:
AnomalySecurityAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The stated purpose matches social publishing, and the named Typefully/CSV workflows are plausible, but the skill handles raw local credentials and enables live posting across 9 platforms while relying on an unnamed browser-automation layer. No confirmed malware or explicit exfiltration is visible, yet the combination of credential auto-detection, public-action capability, and unverifiable automation makes this medium risk.
Confidence: 79%Severity: 61%
Securityreferences/session-cookie-export.md
MEDIUMSecurityMEDIUM
references/session-cookie-export.md
Audit Metadata