money-product

Warn

Audited by Socket on May 16, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill's core capabilities mostly match its stated purpose as an end-to-end product launch assistant, and its main tooling references are official ecosystems. However, the hard-coded Vercel scope, broad autonomous deployment/payment actions, third-party ccapi.ai routing option, and transitive skill chaining create meaningful security and trust concerns disproportionate to a normal narrowly scoped build guide.

Confidence: 84%Severity: 66%
Audit Metadata
Analyzed At
May 16, 2026, 03:35 PM
Package URL
pkg:socket/skills-sh/iamzifei%2Fshow-me-the-money%2Fmoney-product%2F@8a3c710f7cfab3c2d8cf14db87865acc5a2cb3a4
Security Audit — socket — money-product