safepay
Warn
Audited by Socket on Apr 22, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: The skill is internally coherent for a Membrane-published Safepay integration and uses a normal npm-distributed CLI, so it is not malware-like. The main concern is data-flow integrity and credential scope: Safepay access is brokered through Membrane, which stores/manages credentials and handles requests server-side rather than calling Safepay directly. That intermediary architecture is disclosed and likely intended, but it still creates medium security risk for users expecting direct vendor-only API handling.
Confidence: 84%Severity: 52%
Audit Metadata