pp-godaddy
Warn
Audited by Socket on Jun 23, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The skill's capabilities fit its stated GoDaddy automation purpose, but it routes high-value GoDaddy credentials and potentially sensitive API output through third-party CLI/MCP tooling not clearly owned by GoDaddy. Registry-based installs reduce malware confidence, yet the combination of indirect publisher trust, arbitrary webhook output, and account-changing operations makes the overall security posture medium risk.
Confidence: 78%Severity: 64%
Audit Metadata