dynamodb-database
Warn
Audited by Socket on Apr 16, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The skill’s core purpose and capabilities are mostly aligned, and there is no installer or obvious malware behavior. However, it routes DynamoDB operations and auth through a hidden Rebyte-configured API endpoint instead of direct AWS APIs, and the documented auth/base-URL pattern does not match Rebyte’s public API docs. That makes the data flow less transparent and warrants medium risk, but not a malicious classification on the evidence provided.
Confidence: 83%Severity: 54%
Audit Metadata