Skills
skills/membranedev/application-skills/clio/Socket

clio

Warn

Audited by Socket on Mar 13, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill is coherent with its stated Clio-integration purpose and uses a legitimate npm-distributed CLI, but it inserts Membrane as an intermediary for authentication and API access rather than talking directly to Clio. That third-party proxy/control-plane design raises medium security risk for sensitive legal data, though there is not enough evidence to call it malicious.

Confidence: 84%Severity: 56%
Audit Metadata
Analyzed At
Mar 13, 2026, 11:25 PM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fclio%2F@2142f0c4fcb5280987c28161b4799b8547fe203b