Skills
skills/ki2pixel/render_signal_server/shrimp-task-manager/Socket

shrimp-task-manager

Warn

Audited by Socket on Mar 29, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill's planning purpose is mostly coherent, but its footprint depends on a third-party MCP tool from a personal GitHub repo and a documented runtime pattern that disables normal permission checks. No clear credential harvesting or exfiltration is shown, so this is not confirmed malware, but it carries meaningful supply-chain and execution-scope risk beyond a simple task-management guide.

Confidence: 82%Severity: 62%
Audit Metadata
Analyzed At
Mar 29, 2026, 05:31 AM
Package URL
pkg:socket/skills-sh/ki2pixel%2Frender_signal_server%2Fshrimp-task-manager%2F@418de80c27c0219e17747184deca2fd167e2e1d2
Security Audit — socket — shrimp-task-manager