Skills
skills/membranedev/application-skills/cdata-software/Socket

cdata-software

Warn

Audited by Socket on Apr 22, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill is not overtly malicious and uses an official npm-distributed CLI, but its actual footprint centers on routing CData access through Membrane as a third-party intermediary. That creates medium risk from data-flow indirection and unpinned CLI supply chain, even though credential handling is relatively restrained and no direct exfiltration pattern is shown.

Confidence: 86%Severity: 56%
Audit Metadata
Analyzed At
Apr 22, 2026, 05:59 AM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fcdata-software%2F@6b8a897e35393f6d124ae5fcc0e6c251eeb4ec75