postgrid

Warn

Audited by Socket on Apr 30, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the install source is reasonably trustworthy, but the skill’s real footprint is a Membrane integration layer that stores credentials server-side and routes PostGrid operations through Membrane rather than directly to PostGrid. That intermediary credential and data flow is broader than the stated PostGrid purpose and creates medium security risk even without clear malware indicators.

Confidence: 88%Severity: 64%
Audit Metadata
Analyzed At
Apr 30, 2026, 04:50 PM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fpostgrid%2F@79ddb38f796641ccd01d9b5fd90289979a59a87c
Security Audit — socket — postgrid