sessions

Warn

Audited by Socket on Jun 19, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill is not overtly malicious and uses an apparently official same-org CLI, but it has notable consistency and trust-boundary issues. Main concerns are mutable `npx @latest` execution, routing all API access and credentials through Membrane as an intermediary, optional arbitrary URL proxying, and inconsistent description of what service/data model the skill actually targets.

Confidence: 84%Severity: 59%
Audit Metadata
Analyzed At
Jun 19, 2026, 10:48 PM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fsessions%2F@6e5a3807ecb513dbe7a23ba21480fb6088140cf064e4b986dffc3f0057e65bdd
Security Audit — socket — sessions