email-campaign

Warn

Audited by Socket on Jul 2, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The skill's email-campaign purpose matches its lead-generation actions, but it reads a local credential file and sends both credentials and prospecting data through Gooseworks proxy endpoints instead of official provider APIs. The install path looks same-org and documented, so this is not confirmed malware, but the intermediary data flow and raw credential handling make the skill medium-high risk.

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
Jul 2, 2026, 06:18 AM
Package URL
pkg:socket/skills-sh/athina-ai%2Fgoose-skills%2Femail-campaign%2F@e36d11048058d21d173afc17e080c69226f82bc0faac5be7bf03307a26816d52
Security Audit — socket — email-campaign