competitor-listing-analyzer

Warn

Audited by Socket on Jun 28, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill’s purpose is coherent and its local capabilities are mostly proportionate, but its key data flow routes requests and the API key through a vendor proxy rather than Amazon’s official API endpoints. With no malicious code, obfuscation, or dangerous installer present, this looks more like a medium-risk third-party credential/data routing issue than confirmed malware.

Confidence: 84%Severity: 62%
Audit Metadata
Analyzed At
Jun 28, 2026, 07:06 AM
Package URL
pkg:socket/skills-sh/nexscope-ai%2Fnexscope-ecommerce-skills%2Fcompetitor-listing-analyzer%2F@ea2c6030aab6763e81bad4eef3fa16904f3e65e5a8aac374706d0e68ac09c3a3
Security Audit — socket — competitor-listing-analyzer