money
Warn
Audited by Socket on May 16, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
SUSPICIOUS: the core routing and local state management are mostly coherent with a business-automation skill, and the npm update check is benign. The main risks are disproportionate autonomy scope, transitive trust in many other skills, and optional credential/data routing through ccapi.ai instead of official model APIs.
Confidence: 88%Severity: 74%
Audit Metadata