pp-botsee

Warn

Audited by Socket on Jun 25, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the core BotSee audit purpose is coherent, and data appears intended for official BotSee APIs, but the skill's footprint is broader than a simple audit helper. Risk is driven by unpinned third-party CLI installation, credential forwarding through that CLI, arbitrary webhook delivery, MCP transitive trust, and account-affecting commands such as billing, API-key, and webhook management.

Confidence: 86%Severity: 68%
Audit Metadata
Analyzed At
Jun 25, 2026, 01:35 AM
Package URL
pkg:socket/skills-sh/mvanhorn%2Fprinting-press-library%2Fpp-botsee%2F@c3b8cc1cef11db46886d495e22546f8ea282ad9ff4bd50debbd22e2377fce570
Security Audit — socket — pp-botsee