skills/membranedev/application-skills/insomnia/Socket

insomnia

Warn

Audited by Socket on Apr 21, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS: The skill's purpose and capabilities mostly align, and the CLI install path is from an official registry rather than an opaque binary. The main concern is data-flow integrity: Insomnia access is routed through Membrane, which becomes a credential and request intermediary rather than calling Insomnia directly. This is not clearly malicious, but it expands trust and creates moderate security risk beyond a direct integration.

Confidence: 87%Severity: 56%

Audit Metadata

Analyzed At

Apr 21, 2026, 04:39 PM

Package URL

pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Finsomnia%2F@f2b30fb3c76d11f427a9001e3152e5e0c3a2899d