gitnexus-cli
Warn
Audited by Socket on Jun 16, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
The skill is mostly coherent with a repo indexing/documentation CLI, but it carries medium risk from unpinned `npx` execution and especially from forwarding API keys and repository-derived content to arbitrary `--base-url` endpoints. Optional public Gist publishing further increases data exposure risk. Overall this is better classified as suspicious/vulnerable rather than malicious.
Confidence: 100%Severity: 60%
Audit Metadata