pp-nasa-images

Warn

Audited by Socket on May 20, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

Suspicious rather than malicious. The skill's read-only NASA-media purpose is coherent, but it relies on an external CLI/MCP binary whose provenance is not established in the skill, triggering high supply-chain risk. Network behavior is mostly consistent with the purpose, though optional webhook delivery and configurable feedback posting create outbound data paths that should be used cautiously.

Confidence: 84%Severity: 78%
Audit Metadata
Analyzed At
May 20, 2026, 05:40 AM
Package URL
pkg:socket/skills-sh/mvanhorn%2Fprinting-press-library%2Fpp-nasa-images%2F@ac52aee22c7e1381f1266f75a65a5428d4aa5d35
Security Audit — socket — pp-nasa-images