sessions
Warn
Audited by Socket on Jun 19, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the skill is not overtly malicious and uses an apparently official same-org CLI, but it has notable consistency and trust-boundary issues. Main concerns are mutable `npx @latest` execution, routing all API access and credentials through Membrane as an intermediary, optional arbitrary URL proxying, and inconsistent description of what service/data model the skill actually targets.
Confidence: 84%Severity: 59%
Audit Metadata