resolve-human-reviews

Warn

Audited by Socket on May 5, 2026

1 alert found:

Security: MEDIUM
SKILL.md

SUSPICIOUS: the skill's purpose aligns with GitHub PR review resolution, and the referenced CLI appears to be the publisher's own tool, so this is not overtly malicious. However, it combines unpinned runtime package execution with autonomous code modification, pushing, and public GitHub replies based on untrusted reviewer content, making it a high-impact agent skill with meaningful security risk.

Confidence: 87%
Severity: 72%
Audit Metadata
Analyzed At: May 5, 2026, 02:48 PM
Package URL: pkg:socket/skills-sh/pbakaus%2Fagent-reviews%2Fresolve-human-reviews%2F@89d9e6e4e5f50202429c5bef95375498a305d3e5