podcast-workflow

Warn

Audited by Socket on Jun 30, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the workflow is broadly aligned with its podcast-to-Feishu purpose, but it relies on unreviewed local helper skills/scripts and includes a transitive trust chain plus optional third-party content routing to Madopic. No clear malware or credential-stealing behavior is visible in this skill alone, but the execution footprint is larger than a simple documentation workflow and merits separate review of the referenced skills.

Confidence: 84%Severity: 56%
Audit Metadata
Analyzed At
Jun 30, 2026, 09:26 AM
Package URL
pkg:socket/skills-sh/zephyrwang6%2Fonepod-Skill%2Fpodcast-workflow%2F@77b4becaa1a518b618fe70617bc04334869b29e8600599242fb17377641d50fd
Security Audit — socket — podcast-workflow