Skills
skills/aradotso/trending-skills/quip-node-manager/Socket

quip-node-manager

Warn

Audited by Socket on Apr 30, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

Overall the skill is coherent with its stated purpose as a Quip node manager. The main risk is install and update trust: raw-script pipe-to-shell installers, downloaded native binaries/images, and guidance to bypass platform protections increase supply-chain exposure. No clear credential harvesting, covert exfiltration, or purpose-capability mismatch is shown, so this is better classified as suspicious/medium-risk rather than malicious.

Confidence: 83%Severity: 56%
Audit Metadata
Analyzed At
Apr 30, 2026, 06:00 PM
Package URL
pkg:socket/skills-sh/Aradotso%2Ftrending-skills%2Fquip-node-manager%2F@305c28bbbb7b01ee7c578c242793e2ba30e3b0e9