gtm-brain-skill

Warn

Audited by Socket on Jul 4, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill is broadly coherent with a GTM knowledge-graph purpose, but it has medium security risk because it sources raw local credentials, routes sensitive CRM/call data through MCP intermediaries rather than direct official APIs, relies on an unpublished local script for all database actions, and enables automated external data imports with write effects. I do not see confirmed malware or clear credential theft behavior.

Confidence: 80%Severity: 56%
Audit Metadata
Analyzed At
Jul 4, 2026, 04:24 PM
Package URL
pkg:socket/skills-sh/scientiacapital%2Fskills%2Fgtm-brain-skill%2F@d3d2d217e3ed4fd33762572dac508f6add257f4192e218b3403642f4f222b48d
Security Audit — socket — gtm-brain-skill