Skills
skills/membranedev/application-skills/assembla/Socket

assembla

Warn

Audited by Socket on Apr 29, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill is broadly aligned with its stated purpose, and the CLI comes from an official registry, so it is not overtly malicious. The main risk is that all Assembla access and credentials are mediated by Membrane rather than going directly to official Assembla endpoints, creating a third-party credential and data-routing dependency with unpinned CLI execution and dynamically generated actions.

Confidence: 84%Severity: 58%
Audit Metadata
Analyzed At
Apr 29, 2026, 06:52 PM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fassembla%2F@c53d66ca5bf09d00ed91c8ed2d7083794ea561e3
Security Audit — socket — assembla