feed-wsj

Warn

Audited by Socket on Jun 16, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The core RSS headline normalization behavior is benign, but the skill is not internally consistent: a 'headlines only' adapter includes explicit instructions to obtain full WSJ bodies through third-party archives and paywall-bypass tooling. That scope drift and non-official data path make it medium-risk, though there is no evidence of credential theft, malware payloads, or covert exfiltration.

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
Jun 16, 2026, 08:05 AM
Package URL
pkg:socket/skills-sh/dzianisv%2Ffinancial-advisor-agents%2Ffeed-wsj%2F@ed50bf297047aee3e51ed8252cc31f76b628ccfd3984641ba95b339f689dceab
Security Audit — socket — feed-wsj