Skills
skills/membranedev/application-skills/onelogin/Socket

onelogin

Warn

Audited by Socket on Apr 30, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill’s core behavior is coherent for a OneLogin integration, and installation comes from npm rather than an opaque binary. However, it routes authentication and API traffic through Membrane as a third-party intermediary instead of directly to OneLogin, creating medium data-flow and credential-forwarding risk; this appears disclosed and product-consistent rather than overtly malicious.

Confidence: 89%Severity: 58%
Audit Metadata
Analyzed At
Apr 30, 2026, 01:43 PM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fonelogin%2F@51c7d61dc09a53d01e54472ad7048e04b7c575de
Security Audit — socket — onelogin