skills/magic-meal-kits/mmk-skills/mmk-threads/Socket

mmk-threads

Warn

Audited by Socket on Mar 17, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

The stated purpose and capabilities are broadly aligned: a Threads skill using a Threads-oriented CLI is plausible. The main risk is trust and transparency: this skill depends on an external `mmk` executable with unverifiable provenance from the provided evidence, broad shell permission for any `mmk` subcommand, and hidden auth/data-flow details delegated to another skill. That makes the skill suspicious from a supply-chain and execution-trust perspective even without direct evidence of malicious behavior in this file.

Confidence: 85%Severity: 72%

Audit Metadata

Analyzed At

Mar 17, 2026, 03:24 PM

Package URL

pkg:socket/skills-sh/magic-meal-kits%2Fmmk-skills%2Fmmk-threads%2F@8b457b13882ea49a572e8f6bbacdf777d2768056