linkfox-temu-promotion-global

Warn

Audited by Socket on Jul 16, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: the skill’s promotion purpose is coherent, but its actual footprint relies on a LinkFox man-in-the-middle gateway for Temu operations, forwards Temu credentials to that third party, and can trigger transitive installation of another skill from a ZIP archive. These are proportionally risky design choices even if same-org and plausibly intentional, so this is not confirmed malware but is a medium-high security risk.

Confidence: 89%Severity: 78%
Audit Metadata
Analyzed At
Jul 16, 2026, 08:10 AM
Package URL
pkg:socket/skills-sh/linkfox-ai%2Flinkfox-skills%2Flinkfox-temu-promotion-global%2F@8a90595272f0446184c0b8ecbf0cd39e998a1ddba2c1c1326b4f5bac6f5f68f2