scrape-zyte-login

Warn

Audited by Socket on Jun 26, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The skill’s purpose matches Zyte setup, and the official Zyte domain evidence helps, but the flow still asks the user to download/run a web-provided keys file and lets the agent source or execute that file locally. That is a disproportionate execution risk for a login/setup helper even without direct exfiltration in the skill text.

Confidence: 88%Severity: 64%
Audit Metadata
Analyzed At
Jun 26, 2026, 03:34 PM
Package URL
pkg:socket/skills-sh/zytedata%2Fskills%2Fscrape-zyte-login%2F@f0cf31a0cec621f2d480c1b6bb1f38bfe4054733a623c4a2fff0b95a249ba08f
Security Audit — socket — scrape-zyte-login