linkfox-temu-manage-product-global

Fail

Audited by Socket on Jun 15, 2026

2 alerts found:

AnomalyObfuscated File
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill is purpose-aligned for Temu product management, but its core design forwards Temu credentials and product data through a LinkFox-operated gateway instead of official Temu APIs directly, and it supports local token/response persistence. No malware indicators or unsafe installer patterns are present, but the intermediary credential/data flow and local storage make the security risk medium.

Confidence: 100%Severity: 60%
Obfuscated FileHIGH
references/apis/bg-local-goods-sku-list-query.md

The provided fragment is a non-executable API specification with usage examples. There is no code-level malware detected within the fragment. Primary security considerations center on proper authentication/authorization for the access token, robust input validation, secure handling of the rich SKU data in responses, and appropriate rate limiting and logging practices in the actual implementation. Recommend auditing the gateway, backend service, and client libraries for proper access controls, data minimization, and protection against data leakage through responses, logs, or proxies.

Confidence: 90%
Audit Metadata
Analyzed At
Jun 15, 2026, 09:41 AM
Package URL
pkg:socket/skills-sh/linkfox-ai%2Flinkfox-skills%2Flinkfox-temu-manage-product-global%2F@5c4694c7ff25c2ce45479dc45fc057b7374e07f051638f17d9337cc29f9b53cb