bitflow-hodlmm-zest-yield-loop

Warn

Audited by Socket on May 20, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: the stated purpose and capabilities largely align for a DeFi yield router, but the skill is still high risk because it can move funds on mainnet and delegates critical write actions to multiple external skill CLIs whose provenance is not verified here. No clear credential theft or covert exfiltration is evident, so this looks more like a risky composed financial controller than confirmed malware.

Confidence: 86%Severity: 74%
Audit Metadata
Analyzed At
May 20, 2026, 06:35 PM
Package URL
pkg:socket/skills-sh/aibtcdev%2Fskills%2Fbitflow-hodlmm-zest-yield-loop%2F@3d6feba2383403b0b23f28c12aac873d69a5f01b
Security Audit — socket — bitflow-hodlmm-zest-yield-loop