gws-hebrew-email-automation
Warn
Audited by Socket on May 15, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: The skill’s purpose and Gmail-focused capabilities are mostly coherent, and its documented API targets are official Google endpoints. However, it relies on a community third-party CLI that handles Google OAuth credentials and mailbox operations, installed globally via npm as a binary-delivering package; that creates meaningful supply-chain and credential-forwarding risk even without clear malicious intent.
Confidence: 85%Severity: 58%
Audit Metadata