pp-american-reindustrialization

Warn

Audited by Socket on May 19, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS. The stated purpose is coherent for a read-only directory-analysis skill, but the trust model is weak because all core behavior is delegated to an externally installed CLI whose provenance is not established here. The optional webhook and feedback POST features also extend data flow beyond the stated offline/local analysis use case. No direct credential harvesting is shown, so this is not confirmed malware, but it carries meaningful supply-chain and data-egress risk.

Confidence: 82%Severity: 74%
Audit Metadata
Analyzed At
May 19, 2026, 04:30 PM
Package URL
pkg:socket/skills-sh/mvanhorn%2Fprinting-press-library%2Fpp-american-reindustrialization%2F@0e3c0b9903f6a66c8979a76ca18efec3749d722d
Security Audit — socket — pp-american-reindustrialization