opencli
Warn
Audited by Socket on May 19, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
This skill is broadly aligned with its stated browser-automation purpose, so it is not clearly malicious. However, its footprint is large: authenticated session reuse across many sites, write-capable browser actions, arbitrary web/API inspection, local daemon bridging, and transitive CLI installation. The main concern is high operational risk and weak enforcement boundaries, not covert credential theft.
Confidence: 83%Severity: 68%
Audit Metadata