Skills
skills/michael-menard/monorepo/roadmap/Socket

roadmap

Warn

Audited by Socket on Mar 18, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the core behavior fits an internal roadmap viewer, and data flows remain local/internal, but the fallback hardcodes database credentials and grants direct DB access that is broader than necessary. This looks more like over-privileged internal tooling than malware; the main risk is credential exposure and unnecessary bypass of the preferred MCP interface.

Confidence: 89%Severity: 52%
Audit Metadata
Analyzed At
Mar 18, 2026, 08:06 PM
Package URL
pkg:socket/skills-sh/michael-menard%2Fmonorepo%2Froadmap%2F@c0a285a5da59cdc180af9be0b7a3dd17425ac66c
Security Audit — socket — roadmap