pp-dub
Warn
Audited by Socket on May 16, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the skill is broadly aligned with Dub workspace administration and its credential needs are proportionate, but it materially extends trust to external same-org binaries, uses unpinned installers, and supports arbitrary webhook output delivery plus MCP registration. This looks coherent rather than overtly malicious, but it carries meaningful operational and data-leak risk for an AI agent.
Confidence: 83%Severity: 58%
Audit Metadata