goofish-search-list
Warn
Audited by Socket on Jun 13, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: The skill’s purpose and core capabilities mostly align with Goofish search scraping, but its trust footprint is broader than necessary. The main concerns are execution of Python-generated shell via eval and reliance on browser-act, an external browser-control tool with access to logged-in session state but without strong release verification evidence in the reviewed sources. No clear credential harvesting or off-purpose exfiltration is shown, so this is not confirmed malware.
Confidence: 100%Severity: 60%
Audit Metadata