Skills
skills/membranedev/application-skills/seqera/Socket

seqera

Warn

Audited by Socket on Apr 22, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill’s Seqera-management purpose is plausible, but its real footprint is a Membrane-mediated broker workflow that installs and trusts a third-party CLI/service, forwards authentication through Membrane, and routes Seqera access via Membrane instead of Seqera’s official API. This is not confirmed malware, but it creates meaningful supply-chain and credential/data-flow risk beyond a direct Seqera integration.

Confidence: 85%Severity: 64%
Audit Metadata
Analyzed At
Apr 22, 2026, 06:54 AM
Package URL
pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fseqera%2F@27a9d921287644493dbd9fe163bf638050ecd808