skills/eho/agent-skills/prd-to-github-milestone/Socket

prd-to-github-milestone

Warn

Audited by Socket on Mar 18, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS: The skill’s GitHub-focused behavior is largely aligned with its stated purpose, and official `gh` usage is appropriate. However, it delegates privileged issue/milestone creation to opaque local scripts, creating a meaningful trust gap and moderate security risk despite no clear evidence of malware or off-platform exfiltration.

Confidence: 84%Severity: 63%

Audit Metadata

Analyzed At

Mar 18, 2026, 10:14 PM

Package URL

pkg:socket/skills-sh/eho%2Fagent-skills%2Fprd-to-github-milestone%2F@f346cf90700b1cc77cd79f0be998e5880b8b9c9b