linkfox-shopee-store-voucher

Warn

Audited by Socket on Jul 16, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

该技能的业务目标明确,但核心数据流经 LinkFox developerProxy 而非 Shopee 官方直连,且在缺少本地引导时会安装远程附加 skill,导致数据流与供应链边界都偏大。整体更像可疑的第三方代理型集成,而非明显恶意;主要风险来自中间层转发、凭证转交和传递式安装。

Confidence: 87%Severity: 73%
Audit Metadata
Analyzed At
Jul 16, 2026, 08:09 AM
Package URL
pkg:socket/skills-sh/linkfox-ai%2Flinkfox-skills%2Flinkfox-shopee-store-voucher%2F@ef66d48a0efd94400f135fc3401531acb6761717e7b6464656712a2eb8ccf1bf