api-gateway

Warn

Audited by Socket on Jul 10, 2026

2 alerts found:

Securityx2
SecurityMEDIUM
SKILL.md

SUSPICIOUS. The skill’s stated purpose matches its broad SaaS-integration features, and the install sources are comparatively normal, but its core data flow routes all third-party API access through Maton’s intermediary gateway instead of official service endpoints. Combined with trigger/webhook forwarding, arbitrary destination URLs, and agent-enabled real-world actions, this creates medium-high security risk even without direct evidence of malware.

Confidence: 88%Severity: 79%
SecurityMEDIUM
providers/cursor/plugin/skills/api-gateway/SKILL.md

SUSPICIOUS. The skill is internally coherent for a managed API gateway, and its install sources appear same-org and legitimate. However, it routes credentials and API traffic through Maton as an intermediary rather than official service endpoints, supports broad high-impact actions across many services, and allows arbitrary webhook destinations and local event handlers. This looks more like a powerful cross-service control plane than a simple API helper, so the main concern is gateway trust, credential forwarding, and expansive action scope rather than confirmed malware.

Confidence: 87%Severity: 72%
Audit Metadata
Analyzed At
Jul 10, 2026, 05:08 PM
Package URL
pkg:socket/skills-sh/maton-ai%2Fapi-gateway-skill%2Fapi-gateway%2F@4d72d59261bc7ce767ccd71242ca2bdb37949781
Security Audit — socket — api-gateway