pp-gohighlevel
Warn
Audited by Socket on Jun 23, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the skill is largely coherent with its GoHighLevel automation purpose, and the installer paths appear same-org and documented. Risk comes from external CLI trust, token forwarding to that CLI, arbitrary webhook output delivery, MCP registration, and state-changing CRM/message actions; these are proportionate but elevate security exposure above a benign read-only guide.
Confidence: 84%Severity: 53%
Audit Metadata