product-validator

Warn

Audited by Socket on Jun 28, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill’s purpose and local execution are broadly coherent, and there is no clear malware behavior or supply-chain lure. The main concern is data-flow integrity: it requires credentials for a NexScope proxy and sends requests through proxy endpoints that are not publicly verifiable as official upstream APIs, creating moderate trust and transparency risk.

Confidence: 80%Severity: 52%
Audit Metadata
Analyzed At
Jun 28, 2026, 07:06 AM
Package URL
pkg:socket/skills-sh/nexscope-ai%2Fnexscope-ecommerce-skills%2Fproduct-validator%2F@ce849f5679eb13a96c3543c9576c7cf8b5578031f93c66adc3d2241a4a1fd41c
Security Audit — socket — product-validator