twitter-to-binance-square

Warn

Audited by Socket on May 30, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the stated purpose is plausible and the required Twitter/Binance credentials are proportionate, but the execution footprint is not fully trustworthy. The biggest issue is provenance mismatch: official Binance Square skill documentation points to Node.js scripts, while this skill invokes undocumented local Python scripts that would receive publish credentials and perform public posting. That is not confirmed malware, but it raises medium-high trust and integrity concerns, especially because the skill can autonomously publish public content from external Twitter inputs.

Confidence: 86%Severity: 68%
Audit Metadata
Analyzed At
May 30, 2026, 03:02 PM
Package URL
pkg:socket/skills-sh/6551team%2F6551-twitter-to-binance-square%2Ftwitter-to-binance-square%2F@31d1dec123348fc5e1e1c4ae3ec3370bb1cab9db
Security Audit — socket — twitter-to-binance-square