product-analysis

Warn

Audited by Socket on Jun 24, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

Mostly aligned with its stated product-audit purpose, but it meaningfully expands execution risk by silently using Codex in full-auto mode and by delegating to another skill for compare mode. Official Codex provenance keeps this below malware, yet the autonomous execution and transitive trust make the skill medium/high risk.

Confidence: 86%Severity: 68%
Audit Metadata
Analyzed At
Jun 24, 2026, 02:28 PM
Package URL
pkg:socket/skills-sh/lennney%2Fskills%2Fproduct-analysis%2F@b6611405325c6d16e65f5ade059e2ef10656d037
Security Audit — socket — product-analysis