recoup-setup

Warn

Audited by Socket on May 18, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the core Recoup API flow is broadly consistent with onboarding, but the skill reaches into hidden/session prompt context for email discovery, persists a powerful API key locally, modifies Claude memory to redirect many future tasks, and depends on transitive plugin/skill trust. Data flows mostly match the stated service, so this is not confirmed malware, but its scope and prompt-access behavior are broader than a minimal setup skill.

Confidence: 84%Severity: 63%
Audit Metadata
Analyzed At
May 18, 2026, 09:35 PM
Package URL
pkg:socket/skills-sh/recoupable%2Fskills%2Frecoup-setup%2F@c375c513f7e9cd6cbe6bf5bde070aa7e06358210