pp-techmeme
Warn
Audited by Socket on May 15, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the stated purpose is coherent, but the skill’s footprint is broader than necessary because it requires third-party CLI/MCP installation from sources not clearly aligned with the listed author, uses mutable @latest installs, and includes arbitrary webhook delivery. No direct credential theft is evident, but install trust and outbound data-routing risks make this higher risk than a normal read-only news skill.
Confidence: 82%Severity: 74%
Audit Metadata