linkfox-shopee-store-logistics

Warn

Audited by Socket on Jul 16, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS. The logistics purpose is coherent, but the real data flow is not ideal: authenticated Shopee operations are sent through LinkFox developerProxy and a further shopee-proxy intermediary instead of directly to official Shopee endpoints. The skill also instructs transitive installation of another skill from a zip download and contains inconsistent billing claims. These issues make it higher-risk than a normal API integration, though not confirmed malware.

Confidence: 87%Severity: 74%
Audit Metadata
Analyzed At
Jul 16, 2026, 08:09 AM
Package URL
pkg:socket/skills-sh/linkfox-ai%2Flinkfox-skills%2Flinkfox-shopee-store-logistics%2F@c3c9c1046f38233a133503cd99c3563d8a86305036b51297bebf1c7bfac40f9b