pp-dice-fm

Warn

Audited by Socket on Jun 28, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill’s stated purpose mostly matches its capabilities: read-only DICE analytics and exports. Main risks come from trusting an external CLI/MCP toolchain, mixed publisher identity signals, and optional webhook/file export of potentially sensitive fan data. No clear malicious behavior or deceptive credential harvesting is shown, but the footprint is broader than a simple documentation-only skill and merits medium caution.

Confidence: 80%Severity: 52%
Audit Metadata
Analyzed At
Jun 28, 2026, 06:19 AM
Package URL
pkg:socket/skills-sh/mvanhorn%2Fprinting-press-library%2Fpp-dice-fm%2F@6fd95c5a3639ea3ae778279345d3124f52f5358c70bfc077ac4abf3f872863ec
Security Audit — socket — pp-dice-fm