Skills
skills/hainamchung/agent-assistant/github-automation/Socket

github-automation

Warn

Audited by Socket on Apr 14, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The skill's capabilities broadly match its GitHub automation purpose and the MCP service appears official, but setup instructions are partially outdated/incomplete and all GitHub auth/data/actions are routed through Composio as a third-party intermediary. Risk is driven by credential brokering and high-impact repository actions, not by malware-like payload delivery.

Confidence: 87%Severity: 58%
Audit Metadata
Analyzed At
Apr 14, 2026, 05:35 PM
Package URL
pkg:socket/skills-sh/hainamchung%2Fagent-assistant%2Fgithub-automation%2F@8aac98e6d1e75be51da8c820b9a0e3e35ce9e54a