trend-discovery

Warn

Audited by Socket on Jun 26, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The core behavior fits ecommerce trend discovery, and there is no obvious malware or hostile installer. The main risk is data-flow integrity: all provider access is funneled through a Nexscope proxy with a configurable base URL and limited public API verification, so credential forwarding and endpoint trust are the primary concerns.

Confidence: 84%Severity: 56%
Audit Metadata
Analyzed At
Jun 26, 2026, 04:16 AM
Package URL
pkg:socket/skills-sh/nexscope-ai%2Fnexscope-ecommerce-skills%2Ftrend-discovery%2F@2267c67c40ac04b1cf48fd7b44427a22a20e1c15728498e6091b87e2956a48f1
Security Audit — socket — trend-discovery