linkfox-temu-ads-global
Warn
Audited by Socket on Jul 16, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
SUSPICIOUS. The skill’s ads purpose is plausible, but its actual data flow is centered on a LinkFox intermediary that receives both LinkFox and Temu credentials instead of calling official Temu partner endpoints directly. The fallback ZIP-installed onboarding skill adds transitive trust and unverifiable installer risk. This looks more like a managed gateway integration than outright malware, but the credential routing and install chain make it high risk.
Confidence: 90%Severity: 84%
Audit Metadata