audio-generation

Warn

Audited by Socket on May 28, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS. The skill’s functional scope is mostly consistent with an audio-routing controller, and it avoids direct job submission or obvious credential harvesting. The main issue is install/execution trust: it relies on an unverifiable `postplus` CLI and references additional downstream skills without provenance or endpoint transparency, which is disproportionate for an instruction-driven controller and raises medium-high supply-chain risk.

Confidence: 84%Severity: 72%
Audit Metadata
Analyzed At
May 28, 2026, 04:14 AM
Package URL
pkg:socket/skills-sh/PostPlusAI%2Fpostplus-skills%2Faudio-generation%2F@4f758ddc312954c81bca5be2c36c31db602676ee
Security Audit — socket — audio-generation