aave

Warn

Audited by Socket on May 28, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS. The core capability matches the stated purpose, but this skill enables autonomous financial transactions and depends on an unspecified external wallet service endpoint. There is no clear evidence of malware or credential theft in the provided text, yet the unconstrained WALLET_SERVICE_URL and real-money action surface make the skill high risk.

Confidence: 83%Severity: 76%
Audit Metadata
Analyzed At
May 28, 2026, 05:32 AM
Package URL
pkg:socket/skills-sh/Starchild-ai-agent%2Fofficial-skills%2Faave%2F@203ef641fce6cd677e2d36f058366fb67ef83e84
Security Audit — socket — aave