pp-twelvelabs

Warn

Audited by Socket on Jun 12, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill's video-analysis capabilities largely match its stated purpose, but its footprint depends on a non-official third-party CLI/MCP tool that receives the user's Twelve Labs API key and can route outputs to arbitrary webhooks. This is more a trust and credential-forwarding concern than confirmed malware.

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
Jun 12, 2026, 09:37 PM
Package URL
pkg:socket/skills-sh/mvanhorn%2Fprinting-press-library%2Fpp-twelvelabs%2F@66a8bb7ce0bb82bebe7b30e171ca133a34fda2f2e5fdb8077893a3a5dd137176
Security Audit — socket — pp-twelvelabs