perfectpixel

Fail

Audited by Snyk on Jun 30, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). These URLs point to third‑party GitHub repositories and direct release download endpoints (and a .git clone URL) that fetch/run prebuilt binaries from external accounts without built‑in signature/checksum verification — a common malware vector — though go.dev/dl itself is a trusted Go download page.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Issues (2)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 30, 2026, 04:49 AM
Issues
2
Security Audit — snyk — perfectpixel