skills/magic-meal-kits/mmk-skills/mmk-paymint-licenses/Socket

mmk-paymint-licenses

Warn

Audited by Socket on Mar 17, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

The skill’s visible behavior matches its purpose, but it depends on a local `mmk` executable that could not be publicly verified and grants broader-than-needed shell scope via `Bash(mmk *)`. With no installer, source, or release verification for the CLI, this is best classified as SUSPICIOUS rather than benign or malicious.

Confidence: 83%Severity: 72%

Audit Metadata

Analyzed At

Mar 17, 2026, 03:34 PM

Package URL

pkg:socket/skills-sh/magic-meal-kits%2Fmmk-skills%2Fmmk-paymint-licenses%2F@859a06ce8b861e1f2a6f3e457e24d7bff50b3d63