Skills
skills/membranedev/application-skills/vectara/Socket

vectara

Warn

Audited by Socket on Apr 28, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill is not overtly malicious and uses an official npm-distributed CLI, but its real footprint is broader than a direct Vectara integration because all auth and data operations are mediated through Membrane. The main risks are third-party credential/data routing and unpinned CLI execution, not confirmed malware.

Confidence: 86%Severity: 58%
Audit Metadata
Analyzed At
Apr 28, 2026, 08:15 PM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fvectara%2F@427d9368ac1519b016fff42580022144af911a41
Security Audit — socket — vectara