context-lake
Warn
Audited by Socket on Apr 16, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
SUSPICIOUS. The skill’s capabilities broadly match its stated purpose, but its install and execution model relies on an unverifiable downloaded binary with implicit access to pre-configured organizational credentials and data. That makes the footprint high-risk from a supply-chain and trust perspective, even without clear evidence of malicious intent.
Confidence: 84%Severity: 82%
Audit Metadata