flutter-autonomous
Warn
Audited by Socket on Jul 4, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The skill’s capabilities mostly fit its stated Flutter automation purpose, and its tool references are largely official or same-org. The main risks are broad autonomous local execution, device control, optional MCP registration, and especially auto-install behavior via an unreviewed local bootstrap script plus floating latest dependencies. I see no strong evidence of credential theft or malicious exfiltration, but the execution footprint is large enough to warrant medium risk.
Confidence: 81%Severity: 63%
Audit Metadata