skills/mission69b/t2000-skills/t2000-engine/Socket

t2000-engine

Warn

Audited by Socket on Apr 2, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS: The skill's capabilities broadly match its stated purpose as a financial agent engine, and the npm-scoped dependency appears proportionate. However, it enables real-world financial actions, forwards credentials to package/provider code, and processes external MCP content with tool access, creating medium security risk even without clear signs of outright malware.

Confidence: 82%Severity: 62%

Audit Metadata

Analyzed At

Apr 2, 2026, 08:05 AM

Package URL

pkg:socket/skills-sh/mission69b%2Ft2000-skills%2Ft2000-engine%2F@339a005e12cd9304ae9b0003164bf6c78ecd4fbc