printing-press-retro

Warn

Audited by Socket on May 17, 2026

1 alert found:

Anomaly
AnomalyLOW
references/artifact-packaging.md

This module is best characterized as an artifact packaging and sharing helper. It stages local files, relies on an external secret-scrubbing/verification step, compresses staged content, and then uploads the retro markdown plus zips to an external service (catbox.moe) using curl. There is no direct evidence of classic malware behaviors in this snippet; however, the primary supply-chain security risk is privacy/data exfiltration if secret scrubbing/verification is incomplete or bypassed, plus weaker upload-success validation based solely on a simple 'https://' check. Review and verify the referenced secret-scrubbing implementation and confirm the intended destination and user consent model for uploads.

Confidence: 62%Severity: 62%
Audit Metadata
Analyzed At
May 17, 2026, 07:41 PM
Package URL
pkg:socket/skills-sh/mvanhorn%2Fcli-printing-press%2Fprinting-press-retro%2F@917035543dd459ff7969a8905729014e9d906ae2
Security Audit — socket — printing-press-retro