linkfox-shopee-store-public
Warn
Audited by Socket on Jul 16, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
SUSPICIOUS: the skill's Shopee-related capabilities fit its stated purpose, but it sends OAuth and partner data through a LinkFox intermediary instead of direct Shopee endpoints, and it can trigger installation of another skill from a ZIP archive. This is not confirmed malware, but the proxy-based data flow and transitive skill installation create a meaningful security and trust risk.
Confidence: 86%Severity: 72%
Audit Metadata