tooluniverse-codex-plugin

Warn

Audited by Socket on Jun 16, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill is broadly coherent with its stated purpose, but it creates a notable supply-chain and transitive-trust footprint: official yet unpinned curl|sh installation of uv, Git marketplace plugin installation, automatic Git-based updates, and credential inheritance into a uvx-executed MCP server. No clear credential harvesting, covert behavior, or incompatible data-routing is shown, so this is not malicious, but the install and execution trust model is medium risk.

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
Jun 16, 2026, 05:17 AM
Package URL
pkg:socket/skills-sh/mims-harvard%2FToolUniverse%2Ftooluniverse-codex-plugin%2F@036c700aa29839ea2a30ac27422cd33edd7705bb6b9f834a25db1cac26d6dab2
Security Audit — socket — tooluniverse-codex-plugin