linkfox-etsy-store-query

Warn

Audited by Socket on Jul 16, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: the core Etsy-store-query purpose is coherent, and the API key flows to same-brand LinkFox services, but the skill includes a transitive install path that downloads a ZIP and installs another skill outside a standard registry. This is more a supply-chain and trust-expansion issue than confirmed malware.

Confidence: 85%Severity: 72%
Audit Metadata
Analyzed At
Jul 16, 2026, 08:09 AM
Package URL
pkg:socket/skills-sh/linkfox-ai%2Flinkfox-skills%2Flinkfox-etsy-store-query%2F@be79dd2f42569ff901f59fa8c7320474a710d7842d566203a81def763e7dfa4c