pp-botsee
Warn
Audited by Socket on Jun 25, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the core BotSee audit purpose is coherent, and data appears intended for official BotSee APIs, but the skill's footprint is broader than a simple audit helper. Risk is driven by unpinned third-party CLI installation, credential forwarding through that CLI, arbitrary webhook delivery, MCP transitive trust, and account-affecting commands such as billing, API-key, and webhook management.
Confidence: 86%Severity: 68%
Audit Metadata