gws-hebrew-email-automation

Warn

Audited by Socket on May 15, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The skill’s purpose and Gmail-focused capabilities are mostly coherent, and its documented API targets are official Google endpoints. However, it relies on a community third-party CLI that handles Google OAuth credentials and mailbox operations, installed globally via npm as a binary-delivering package; that creates meaningful supply-chain and credential-forwarding risk even without clear malicious intent.

Confidence: 85%Severity: 58%
Audit Metadata
Analyzed At
May 15, 2026, 09:17 PM
Package URL
pkg:socket/skills-sh/skills-il%2Fcommunication%2Fgws-hebrew-email-automation%2F@13903666a1c932aa3f4afae06506a4fc1aa626ad
Security Audit — socket — gws-hebrew-email-automation