skills/membranedev/application-skills/pay-with-bolt/Socket

pay-with-bolt

Warn

Audited by Socket on Apr 23, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS: the skill is coherent with its stated Bolt-integration purpose and uses a likely official CLI from npm, but it routes authentication and API traffic through Membrane's intermediary platform instead of directly to Bolt. That makes it a higher-trust, medium-risk integration rather than clearly malicious.

Confidence: 86%Severity: 58%

Audit Metadata

Analyzed At

Apr 23, 2026, 06:38 PM

Package URL

pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fpay-with-bolt%2F@40777efeb0de7ed44f142b9d541a54dafa676952