Skills
skills/nexscope-ai/nexscope-ecommerce-skills/market-overview/Socket

market-overview

Warn

Audited by Socket on Jun 28, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill's purpose and capabilities mostly align, and there is no evidence of malware or unsafe installers. The main concern is data-flow integrity: both market data and the required API key are routed through a vendor-defined proxy host (`NEXSCOPE_PROXY_BASE`) rather than clearly documented official service endpoints, making the intermediary trust model only partially verifiable.

Confidence: 83%Severity: 58%
Audit Metadata
Analyzed At
Jun 28, 2026, 07:06 AM
Package URL
pkg:socket/skills-sh/nexscope-ai%2Fnexscope-ecommerce-skills%2Fmarket-overview%2F@b5e818ed709dc97ff05efaa48532e5a88b93e9fe90599fa27c431faa7f07151a
Security Audit — socket — market-overview