annature

Warn

Audited by Socket on May 2, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill’s capabilities mostly match its stated Annature integration purpose, and the CLI install path appears same-org and officially documented. The main concern is data flow integrity and trust expansion: Annature auth and data are routed through Membrane as an intermediary, and the skill can create/run remote actions that affect records. This is not clearly malicious, but it carries medium risk due to third-party credential/data mediation and mutable CLI installation.

Confidence: 85%Severity: 52%
Audit Metadata
Analyzed At
May 2, 2026, 11:06 AM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fannature%2F@d7d8d847ecd84c9dee07f83912ba33b27133d11a
Security Audit — socket — annature