Skills
skills/membranedev/application-skills/hygraph/Socket

hygraph

Warn

Audited by Socket on Apr 30, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The skill's capabilities match its Hygraph-management purpose, and the CLI install source appears to be an official Membrane package rather than an ad-hoc payload. However, all authentication and API traffic are funneled through Membrane as an intermediary, creating meaningful credential-forwarding and data-flow risk beyond a direct Hygraph integration.

Confidence: 86%Severity: 56%
Audit Metadata
Analyzed At
Apr 30, 2026, 09:54 AM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fhygraph%2F@426451b345af3dce364604603293b4c54d3192cf
Security Audit — socket — hygraph