targeted-prospecting

Warn

Audited by Socket on Jul 2, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

The skill’s capabilities largely match its stated prospecting purpose, and there is no clear malware or stealth behavior. The main concern is data-flow integrity: it reads a local API key file and routes substantial prospect and enrichment data through Gooseworks proxy infrastructure instead of direct vendor endpoints, creating medium security and privacy risk.

Confidence: 89%Severity: 64%
Audit Metadata
Analyzed At
Jul 2, 2026, 06:17 AM
Package URL
pkg:socket/skills-sh/athina-ai%2Fgoose-skills%2Ftargeted-prospecting%2F@a41768422f1e7222d009ffedff46d658eb37256b7d4061629e048a3298b0f80f
Security Audit — socket — targeted-prospecting