huggingface-hub

Pass

Audited by Socket on May 16, 2026

Checks
Malicious behaviorInjection, exfiltration, untrusted installs
Security concernsCredential exposure, tool/trust exploitation
Code obfuscationHidden or obfuscated code
Suspicious patternsReconnaissance, excessive autonomy, resource use
Audit Metadata
Analyzed At
May 16, 2026, 01:47 PM
Package URL
pkg:socket/skills-sh/NousResearch%2Fhermes-agent%2Fhuggingface-hub%2F@2562dc47e49454185608afdfd267523222253be0
Security Audit — socket — huggingface-hub