Skills
skills/membranedev/application-skills/canny/Socket

canny

Warn

Audited by Socket on Apr 24, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The skill’s capabilities broadly match its stated Canny-integration purpose, and the install source appears legitimate. The main risk is data-flow integrity: Canny access is mediated through Membrane’s CLI/service and proxy, so credentials and API traffic are entrusted to an intermediary platform rather than going directly to Canny.

Confidence: 85%Severity: 52%
Audit Metadata
Analyzed At
Apr 24, 2026, 07:50 PM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fcanny%2F@e2f964db2c7b04439026f8b4c40a1820e254ac76