skills/silvainfm/claude-skills/tapestry/Socket

tapestry

Warn

Audited by Socket on Mar 18, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

The code acts as a plausible blueprint for a content-to-plan tool, but current form is a scaffold with multiple risky patterns (auto-install guidance, interactive prompts, and placeholder blocks). For secure deployment, replace scaffolds with verified, single-language implementable code, enforce strict input validation, remove automation around external tool installation, pin dependencies, and audit all data flows. Treat as SUSPICIOUS until a fully specified, audited version is provided.

Confidence: 75%Severity: 75%

Audit Metadata

Analyzed At

Mar 18, 2026, 11:15 PM

Package URL

pkg:socket/skills-sh/silvainfm%2Fclaude-skills%2Ftapestry%2F@32d912189bffdefb825612c9607f211346bf0639