Skills
skills/trtmn/agent-skills/skills-manager/Socket

skills-manager

Warn

Audited by Socket on Mar 24, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

BENIGN core purpose with meaningful security risk. The skill is internally consistent and uses an official, documented CLI, but its whole job is transitive skill installation and lifecycle management, so it inherently extends trust to third-party skills and performs persistent environment changes non-interactively. Medium risk from supply-chain and transitive-install behavior, not evidence of malware.

Confidence: 92%Severity: 58%
Audit Metadata
Analyzed At
Mar 24, 2026, 06:34 PM
Package URL
pkg:socket/skills-sh/trtmn%2Fagent-skills%2Fskills-manager%2F@fa6da84a207b2cf3faff99ed6dcc370356d2b8e3