skills/membranedev/application-skills/quickmailio/Socket

quickmailio

Warn

Audited by Socket on Apr 29, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS: the skill is purpose-aligned and uses an official-looking npm CLI, but it routes authentication and API traffic through Membrane instead of directly to QuickMail.io. That intermediary data flow and unpinned CLI execution create medium security risk, though there is not enough evidence to call it malicious.

Confidence: 88%Severity: 56%

Audit Metadata

Analyzed At

Apr 29, 2026, 08:44 PM

Package URL

pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fquickmailio%2F@6ccef237b8a1bf941ac7399e2ba2229168a76c70