magpie-strategy
Warn
Audited by Socket on Jun 28, 2026
2 alerts found:
SecurityAnomalySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
AnomalyREADME.md
LOWAnomalyLOW
README.md
No explicit malware behavior is shown in the provided snippet because it is largely installation/operational documentation. However, the instructions establish a high-impact supply-chain execution path: multiple executable artifacts (including a Python producer and runtime helpers) are downloaded from raw GitHub URLs at install time and then run as persistent background daemons with sensitive tokens in their environment. This pattern warrants security review of the fetched scripts/runtime plugin (integrity pinning, verification, credential handling, and network/notification behavior), since compromise would be amplified by daemon persistence and potential external messaging/logging.
Confidence: 44%Severity: 66%
Audit Metadata