circleci-automation

Warn

Audited by Socket on Apr 7, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill’s capabilities fit its CircleCI automation purpose, but it routes authentication, API access, and artifact retrieval through the third-party Rube/Composio MCP layer instead of direct CircleCI APIs. That makes the footprint coherent but higher-trust and higher-risk than a direct official API integration, especially because it can trigger pipelines and expose CI outputs.

Confidence: 82%Severity: 58%
Audit Metadata
Analyzed At
Apr 7, 2026, 02:57 PM
Package URL
pkg:socket/skills-sh/sickn33%2Fantigravity-awesome-skills%2Fcircleci-automation%2F@6158186e2e14d07258b4dc289b45291941b11baf