linkfox-temu-returns-refunds-us

Warn

Audited by Socket on Jul 16, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS. The business purpose is plausible, but the skill routes Temu credentials and data through LinkFox-controlled gateway endpoints instead of official Temu APIs, and it can trigger installation of another remotely packaged skill. Same-brand domains reduce the chance of outright malware, but the intermediary data flow, credential forwarding, and transitive install chain make the skill high security risk.

Confidence: 88%Severity: 76%
Audit Metadata
Analyzed At
Jul 16, 2026, 08:10 AM
Package URL
pkg:socket/skills-sh/linkfox-ai%2Flinkfox-skills%2Flinkfox-temu-returns-refunds-us%2F@9654720cbfd3e21eacf8e29a813ca7058cc2ca09685f81ca679eb740c2ba0fe2