skills/membranedev/application-skills/cascade-strategy/Socket

cascade-strategy

Warn

Audited by Socket on Apr 22, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS. The skill's capabilities broadly match its stated purpose, and the CLI install path is relatively trustworthy via npm and vendor docs. The main risk is architectural: all auth and API traffic are funneled through Membrane as an intermediary, including proxy requests and credential refresh, which is a meaningful third-party trust and data-flow concern even though it is disclosed and plausibly legitimate.

Confidence: 86%Severity: 56%

Audit Metadata

Analyzed At

Apr 22, 2026, 12:40 PM

Package URL

pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fcascade-strategy%2F@4795ee097e3f7b0ed81694d91947d6c597c3ec1b