computer-automation
Warn
Audited by Socket on May 29, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The skill is internally consistent with its stated desktop-automation purpose and uses an official npm package, so it is not clearly malicious. However, it grants high-impact computer-control capabilities, forwards sensitive model and optional RDP credentials to third-party CLI code, and documents an unsafe certificate-bypass option, making the overall security risk medium-to-high.
Confidence: 88%Severity: 68%
Audit Metadata