skills/membranedev/application-skills/banked/Socket

banked

Warn

Audited by Socket on May 2, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS: The skill's capabilities broadly match its purpose, and the CLI comes from a legitimate npm package rather than a raw installer. However, all Banked access and authentication are funneled through Membrane as a third-party intermediary, creating medium data-flow and trust-boundary risk, compounded by unpinned @latest installs.

Confidence: 86%Severity: 52%

Audit Metadata

Analyzed At

May 2, 2026, 11:50 PM

Package URL

pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fbanked%2F@01df6eeec5677057d2f80e0be016ac807ff8c6d7