skills/ranbot-ai/awesome-skills/qualaroo-automation/Socket

qualaroo-automation

Warn

Audited by Socket on Mar 29, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS: The skill's capabilities match its stated Qualaroo automation purpose, and there is no obvious malware or local payload execution. However, all actions and likely auth flows are routed through Composio's hosted Rube MCP intermediary instead of directly to Qualaroo, creating meaningful third-party data-flow and credential-delegation risk.

Confidence: 86%Severity: 58%

Audit Metadata

Analyzed At

Mar 29, 2026, 05:40 AM

Package URL

pkg:socket/skills-sh/ranbot-ai%2Fawesome-skills%2Fqualaroo-automation%2F@fb744c3b610265b17c0b58a60fa8d00fef0638ff