product-analysis
Warn
Audited by Socket on Jun 24, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
Mostly aligned with its stated product-audit purpose, but it meaningfully expands execution risk by silently using Codex in full-auto mode and by delegating to another skill for compare mode. Official Codex provenance keeps this below malware, yet the autonomous execution and transitive trust make the skill medium/high risk.
Confidence: 86%Severity: 68%
Audit Metadata