flutter-autonomous

Warn

Audited by Socket on Jul 4, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill’s capabilities mostly fit its stated Flutter automation purpose, and its tool references are largely official or same-org. The main risks are broad autonomous local execution, device control, optional MCP registration, and especially auto-install behavior via an unreviewed local bootstrap script plus floating latest dependencies. I see no strong evidence of credential theft or malicious exfiltration, but the execution footprint is large enough to warrant medium risk.

Confidence: 81%Severity: 63%
Audit Metadata
Analyzed At
Jul 4, 2026, 06:04 PM
Package URL
pkg:socket/skills-sh/z-chu%2Fflutter-autonomous-skill%2Fflutter-autonomous%2F@2bb7ff5ac0bcc6a41ad2a01294b1f793e2a40bfff21ef2074e77322ab07108c3
Security Audit — socket — flutter-autonomous