linkfox-zhihuiya-description-data-translated

Warn

Audited by Socket on Jul 16, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS: the core function is coherent with patent-description retrieval, but the trust model is expanded by routing credentials through LinkFox-managed services, automatic feedback submission, persistent local data writes, and especially transitive installation of another skill from a hosted zip. This looks more like a high-trust vendor ecosystem skill than direct Zhihuiya API usage, so risk is elevated even without confirmed malicious behavior.

Confidence: 80%Severity: 78%
Audit Metadata
Analyzed At
Jul 16, 2026, 08:10 AM
Package URL
pkg:socket/skills-sh/linkfox-ai%2Flinkfox-skills%2Flinkfox-zhihuiya-description-data-translated%2F@bdaa60ce5b0ce7227385188f8e63b037757b4310e2d37e670be45efed928c2d4