skills/freshtechbro/claudedesignskills/rive-interactive/Socket

rive-interactive

Warn

Audited by Socket on Mar 18, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

The combined reviews converge on a benign security posture for the provided fragments, with moderate risk arising from dependency trust and asset integrity in real deployments. The material is coherent with legitimate usage of Rive state machines and ViewModels in React/web apps. Best practice would include verifying package provenance (npm registry integrity, subresource integrity for assets), enabling strict CSP and SRI for external assets, and auditing any custom tooling/scripts used for scaffolding.

Confidence: 85%Severity: 75%

Audit Metadata

Analyzed At

Mar 18, 2026, 03:26 PM

Package URL

pkg:socket/skills-sh/freshtechbro%2Fclaudedesignskills%2Frive-interactive%2F@86ea6e880bd55b27e3939359971ea58d2b2fd45f