elorus-automation

Warn

Audited by Socket on Mar 29, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill's purpose matches Elorus automation, but it routes tool discovery, auth, and execution through Composio's hosted Rube MCP instead of direct Elorus APIs. There is no clear malware or installer abuse, yet the intermediary data flow, likely credential delegation, and remote action capability make it a medium-risk skill that requires substantial trust in Composio/Rube.

Confidence: 84%Severity: 58%
Audit Metadata
Analyzed At
Mar 29, 2026, 03:36 AM
Package URL
pkg:socket/skills-sh/ranbot-ai%2Fawesome-skills%2Felorus-automation%2F@3ac984a6da4dd9161d587d4c716ec422188839c3
Security Audit — socket — elorus-automation