annature
Warn
Audited by Socket on May 2, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the skill’s capabilities mostly match its stated Annature integration purpose, and the CLI install path appears same-org and officially documented. The main concern is data flow integrity and trust expansion: Annature auth and data are routed through Membrane as an intermediary, and the skill can create/run remote actions that affect records. This is not clearly malicious, but it carries medium risk due to third-party credential/data mediation and mutable CLI installation.
Confidence: 85%Severity: 52%
Audit Metadata