substack-skill
Warn
Audited by Socket on Jul 5, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The skill is broadly aligned with its stated Substack-post management purpose and does not show obvious malware or third-party credential harvesting, but it uses an unofficial internal API plus a copied browser session cookie with high account privilege. That credential model and the ability to publish/email subscribers create meaningful security risk even though the data flow stays on Substack and the skill includes a confirmation safeguard.
Confidence: 89%Severity: 58%
Audit Metadata