pp-techmeme

Warn

Audited by Socket on May 15, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the stated purpose is coherent, but the skill’s footprint is broader than necessary because it requires third-party CLI/MCP installation from sources not clearly aligned with the listed author, uses mutable @latest installs, and includes arbitrary webhook delivery. No direct credential theft is evident, but install trust and outbound data-routing risks make this higher risk than a normal read-only news skill.

Confidence: 82%Severity: 74%
Audit Metadata
Analyzed At
May 15, 2026, 09:46 PM
Package URL
pkg:socket/skills-sh/mvanhorn%2Fprinting-press-library%2Fpp-techmeme%2F@c10d94eb3c54b61e67de075dca057eb2e7858d35
Security Audit — socket — pp-techmeme