Skills
skills/indranilbanerjee/digital-marketing-pro/data-import/Socket

data-import

Warn

Audited by Socket on Apr 1, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The stated purpose is coherent with data import and platform writes, and the approval gate is a meaningful control, but the actual execution path is under-specified: imports are funneled through unnamed MCP servers and an unverifiable local competitor-tracker.py script. This is not confirmed malware, but it has medium risk due to opaque trust boundaries, external data transmission, and broad write capability across connected platforms.

Confidence: 84%Severity: 62%
Audit Metadata
Analyzed At
Apr 1, 2026, 01:20 AM
Package URL
pkg:socket/skills-sh/indranilbanerjee%2Fdigital-marketing-pro%2Fdata-import%2F@deddacc43835eb87219908abdb048e3f3bcb9dc2