Skills
skills/membranedev/application-skills/kiotviet/Socket

kiotviet

Warn

Audited by Socket on Apr 30, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill is coherent in purpose, but its actual footprint is materially broader than a direct KiotViet integration because authentication, credential refresh, and API traffic are routed through Membrane. The npm-based CLI install is relatively normal, but the third-party proxy model and broad write-capable actions create medium security risk rather than clear malware evidence.

Confidence: 86%Severity: 58%
Audit Metadata
Analyzed At
Apr 30, 2026, 08:14 PM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fkiotviet%2F@6c9a2030ccb8846a2d8b7d32fd0137c466596804