pp-hayward-omnilogic
Warn
Audited by Socket on May 17, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
SUSPICIOUS. The skill's pool-control capabilities broadly match its stated purpose, but its trust model is weak: it depends on externally installed CLI/MCP binaries whose provenance is not established in the skill, and it allows optional delivery of output to arbitrary webhooks. The main risk is supply-chain and unsafe delegation of powerful real-world device control, not confirmed malware.
Confidence: 81%Severity: 79%
Audit Metadata