taobao-keyword-search

Warn

Audited by Socket on Jun 13, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

The skill’s core capability matches its stated purpose: scrape Taobao/Tmall search results from a user-visible, logged-in browser session. However, its authenticated scraping workflow, shell-eval execution pattern, and explicit advice to use stealth multi-session automation to avoid anti-scraping controls make it higher risk than a normal search helper. No clear credential exfiltration or malicious endpoint routing is shown, so this is best classified as suspicious/high-risk automation rather than confirmed malware.

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
Jun 13, 2026, 04:39 AM
Package URL
pkg:socket/skills-sh/browser-act%2Fskills%2Ftaobao-keyword-search%2F@fe290a6508ff45c58da2befba5d4968891f67ef31aac97a820fcad9c995c667b
Security Audit — socket — taobao-keyword-search