nexus-vote

Warn

Audited by Socket on May 30, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS rather than malicious. The skill's behavior is coherent with its stated purpose and its GitHub data flow is official and proportionate, but it depends on an unverifiable `probe` CLI that performs reads and a write on the user's behalf. That unverifiable binary requirement materially raises supply-chain and trust risk even though no clear credential theft or deceptive exfiltration is shown.

Confidence: 86%Severity: 78%
Audit Metadata
Analyzed At
May 30, 2026, 02:12 AM
Package URL
pkg:socket/skills-sh/zenon-red%2Fskills%2Fnexus-vote%2F@56efa5fde0f399610f92e462f88f656d017fbc15
Security Audit — socket — nexus-vote