ziniao-device

Warn

Audited by Socket on Jun 16, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill’s capabilities largely match its stated device-management purpose, including expected proxy credential handling and store/device operations. The main concern is trust concentration in an externally installed CLI with only partially verified publisher provenance, plus support for real billing actions; this is more a supply-chain and operational-risk issue than clear malicious behavior.

Confidence: 100%Severity: 60%
Audit Metadata
Analyzed At
Jun 16, 2026, 03:31 AM
Package URL
pkg:socket/skills-sh/ziniao-open%2Fziniao-cli%2Fziniao-device%2F@571af99a34bf17f993e62c87b524cb381b58981d069e4a88e84b7e469fdeab60