Skills
skills/membranedev/application-skills/paystand/Socket

paystand

Warn

Audited by Socket on Apr 29, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill is internally coherent for a Membrane-based Paystand integration and uses an official npm package, so it is not overtly malicious. However, it routes authentication and Paystand operations through Membrane rather than direct Paystand APIs, creating meaningful third-party credential/data exposure and moderate operational risk for finance-related actions.

Confidence: 86%Severity: 56%
Audit Metadata
Analyzed At
Apr 29, 2026, 02:48 AM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fpaystand%2F@b5c1166746f04a0c29778030aa5f77d0684f87fe
Security Audit — socket — paystand