gtm-enrichment-deep

Warn

Audited by Socket on Jul 2, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the core enrichment behavior matches the stated purpose, but the skill reads a raw local credential file and routes all vendor requests through a Gooseworks proxy rather than official Sixtyfour/Apollo endpoints. This is not fundamentally incompatible with the skill's purpose, yet it meaningfully expands trust and data-flow exposure, so the main concern is intermediary credential/data handling rather than overt malware.

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
Jul 2, 2026, 06:17 AM
Package URL
pkg:socket/skills-sh/athina-ai%2Fgoose-skills%2Fgtm-enrichment-deep%2F@fad449c2b3117d152b598b438d4d16e2950208e61aaae3689970826e23593b80
Security Audit — socket — gtm-enrichment-deep