gtm-sales-pack

Warn

Audited by Socket on Jul 3, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the core interview-and-write behavior matches the stated purpose, but the optional Gmail voice feature reads a local OAuth token and mines sent email content, which is sensitive and more invasive than a simple sales-pack generator. No clear off-device exfiltration is described, so this is not confirmed malware, but the personal-repo provenance and credential-backed email access make the skill medium risk.

Confidence: 82%Severity: 58%
Audit Metadata
Analyzed At
Jul 3, 2026, 05:54 PM
Package URL
pkg:socket/skills-sh/TheAngryPit%2FTheAngrySkills%2Fgtm-sales-pack%2F@9cbc2c4c61d646e5ab55a5827d487c7e6a3504ec2bf8ff37bbbc64e4e4e38c79
Security Audit — socket — gtm-sales-pack