pp-dice-fm
Warn
Audited by Socket on Jun 28, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The skill’s stated purpose mostly matches its capabilities: read-only DICE analytics and exports. Main risks come from trusting an external CLI/MCP toolchain, mixed publisher identity signals, and optional webhook/file export of potentially sensitive fan data. No clear malicious behavior or deceptive credential harvesting is shown, but the footprint is broader than a simple documentation-only skill and merits medium caution.
Confidence: 80%Severity: 52%
Audit Metadata