bigml-automation

Warn

Audited by Socket on Mar 29, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill's purpose and capabilities mostly align for a Composio-managed BigML integration, and there is no malicious installer or obvious credential theft pattern. However, BigML access is brokered through Composio/Rube rather than direct official BigML APIs, and the documentation understates authentication complexity with the 'no API keys needed' claim, so the intermediary data flow and misleading setup claim make this medium risk rather than benign.

Confidence: 85%Severity: 53%
Audit Metadata
Analyzed At
Mar 29, 2026, 02:39 AM
Package URL
pkg:socket/skills-sh/ranbot-ai%2Fawesome-skills%2Fbigml-automation%2F@94e2f24ea8f6944ed6a5607d243ee4a80ce2ddc5
Security Audit — socket — bigml-automation