pp-openalex

Warn

Audited by Socket on May 16, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: the stated purpose is coherent and mostly read-only, but the skill relies on externally installed binaries with mutable install paths and supports optional outbound posting of results to arbitrary webhooks. The main concern is install/execution trust and credential forwarding to a third-party CLI rather than overtly malicious behavior.

Confidence: 82%Severity: 72%
Audit Metadata
Analyzed At
May 16, 2026, 05:17 AM
Package URL
pkg:socket/skills-sh/mvanhorn%2Fprinting-press-library%2Fpp-openalex%2F@e2a2e30b50ca7ea48f6a9c6ab85254ce45c37d77
Security Audit — socket — pp-openalex