widgets-ui

Warn

Audited by Socket on Jun 22, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill's purpose and examples are coherent for declarative UI rendering, and there is no sign of credential theft or malicious data routing. However, it includes transitive skill installation and unpinned remote registry installs, which increase supply-chain risk beyond what is strictly necessary for a widget-rendering guide.

Confidence: 87%Severity: 66%
Audit Metadata
Analyzed At
Jun 22, 2026, 04:46 PM
Package URL
pkg:socket/skills-sh/skills-shell%2Fskills%2Fwidgets-ui%2F@b279b756f9eb633e66eb94514678f82368d643e5cad79fcaa93e3642220200f9