douyin-hotlist-overall

Warn

Audited by Socket on May 20, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill’s behavior is mostly coherent with its stated purpose, but it depends on a third-party hosted backend, forwards an API key to that service, and lacks strong same-org provenance between the GitHub publisher and ai-skills.ai. This is not clearly malicious, but the trust chain and credential forwarding warrant caution.

Confidence: 86%Severity: 52%
Audit Metadata
Analyzed At
May 20, 2026, 12:03 AM
Package URL
pkg:socket/skills-sh/allinherog-star%2Fai-skills%2Fdouyin-hotlist-overall%2F@a7323bcfda38ab19570f8488141e981dff7a13db
Security Audit — socket — douyin-hotlist-overall