gtm-brain-skill
Warn
Audited by Socket on Jul 4, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The skill is broadly coherent with a GTM knowledge-graph purpose, but it has medium security risk because it sources raw local credentials, routes sensitive CRM/call data through MCP intermediaries rather than direct official APIs, relies on an unpublished local script for all database actions, and enables automated external data imports with write effects. I do not see confirmed malware or clear credential theft behavior.
Confidence: 80%Severity: 56%
Audit Metadata