submit-ara

Warn

Audited by Socket on Jun 30, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill is broadly aligned with its stated publishing purpose, but it enables autonomous public posting and mandatory outbound registration to a third-party hub, plus transitive invocation of other skills. It does not show strong malware indicators or deceptive credential harvesting, yet its real-world publish/exfiltration effects make it medium-to-high security risk.

Confidence: 86%Severity: 62%
Audit Metadata
Analyzed At
Jun 30, 2026, 12:09 AM
Package URL
pkg:socket/skills-sh/Orchestra-Research%2FAgent-Native-Research-Artifact%2Fsubmit-ara%2F@4d33bfaf1af3bdd2eaae5d292d43b4adff89f182def84440c41ab22dca082da3
Security Audit — socket — submit-ara