pp-dub

Warn

Audited by Socket on May 16, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill is broadly aligned with Dub workspace administration and its credential needs are proportionate, but it materially extends trust to external same-org binaries, uses unpinned installers, and supports arbitrary webhook output delivery plus MCP registration. This looks coherent rather than overtly malicious, but it carries meaningful operational and data-leak risk for an AI agent.

Confidence: 83%Severity: 58%
Audit Metadata
Analyzed At
May 16, 2026, 03:19 AM
Package URL
pkg:socket/skills-sh/mvanhorn%2Fprinting-press-library%2Fpp-dub%2F@cc4949abf33496383f67a86789ebb026c7890b17
Security Audit — socket — pp-dub