pp-beehiiv

Warn

Audited by Socket on May 16, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

Mostly coherent Beehiiv automation skill with proportionate Beehiiv token use and expected API-management scope. Main risks are supply-chain trust in the external CLI install, unpinned fallback installation, optional webhook delivery to arbitrary URLs, and an extra MCP install step; these make it suspicious/medium-risk rather than clearly malicious.

Confidence: 79%Severity: 53%
Audit Metadata
Analyzed At
May 16, 2026, 03:11 AM
Package URL
pkg:socket/skills-sh/mvanhorn%2Fprinting-press-library%2Fpp-beehiiv%2F@a398826f2088f3e099035584fb001f46bd5da4ce
Security Audit — socket — pp-beehiiv