gram

Warn

Audited by Socket on Feb 23, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] Credential file access detected

Based on the README/skill metadata, the tool's requested permissions and functionality are internally consistent: it needs Instagram session cookies to interact with Instagram APIs and it documents cookie-extraction options. The primary risks are standard for any cookie-based CLI: reading browser cookie stores (sensitive filesystem access), performing actions that have real-world effects (likes/comments/follows), and supply-chain risk from installing an npm package. No direct evidence of malicious behavior, credential forwarding to third parties, obfuscated code, or download-execute patterns appears in the provided fragment. A code-level review of the implementation is required to rule out hidden exfiltration or suspicious network endpoints. Overall: likely benign but with moderate supply-chain and operational risk due to cookie access and npm distribution.

LLM verification: The package documentation describes expected functionality for an Instagram CLI that necessarily needs access to web session cookies and can perform state-changing actions. The most significant risks are (1) direct programmatic reading of browser cookie stores (access to highly sensitive credentials) and (2) normal npm supply-chain risk from installing a third-party global package. There is no explicit evidence in the provided documentation of credential exfiltration, obfuscation, or malicious n

Confidence: 80%
Severity: 75%

Audit Metadata
Analyzed At: Feb 23, 2026, 04:24 PM
Package URL: pkg:socket/skills-sh/openclaw%2Fskills%2Fgram%2F@ea724fae2cc5d0ef6abb6e907d9b5314170bdbd8