github-pr-workflow

Warn

Audited by Socket on May 16, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The overall workflow matches the stated GitHub PR purpose and uses official GitHub endpoints, so there is no strong malware or exfiltration signal. However, the fallback auth method disproportionately reads plaintext credentials from local files, and the skill enables autonomous commit/push/merge actions with real repository impact, making it medium risk.

Confidence: 91%Severity: 56%
Audit Metadata
Analyzed At
May 16, 2026, 01:47 PM
Package URL
pkg:socket/skills-sh/NousResearch%2Fhermes-agent%2Fgithub-pr-workflow%2F@4018cf520d7cda9fa515c8ea0940f7132db29c66
Security Audit — socket — github-pr-workflow