Skills
skills/membranedev/application-skills/encharge/Socket

encharge

Warn

Audited by Socket on Apr 28, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The skill’s stated purpose matches Encharge management, and the CLI install path is relatively standard via npm. However, the actual data flow is mediated through Membrane rather than direct Encharge APIs, so credentials and Encharge data are entrusted to a third-party platform; combined with unpinned global CLI installation and dynamic action generation, this makes the skill medium-risk rather than clearly benign.

Confidence: 85%Severity: 56%
Audit Metadata
Analyzed At
Apr 28, 2026, 10:28 PM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fencharge%2F@6d9a00a87c9d5247df33ab224ee74a1156a49a12
Security Audit — socket — encharge