skills/ascend-ai-coding/awesome-ascend-skills/external-cannbot-ops-aiss-tiling-solver/Snyk

external-cannbot-ops-aiss-tiling-solver

Fail

Audited by Snyk on Jun 16, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

Suspicious download URL detected (high risk: 0.90). These are direct downloadable native binaries hosted on an unverified GitCode repository (HIT1920/TilingSolver) — an unknown/low‑reputation source with explicit instructions to fetch and execute binaries, which is a high-risk pattern for malware distribution.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The skill's runtime setup explicitly downloads and runs unverified remote binaries from https://gitcode.com/HIT1920/TilingSolver/releases/download/latest/tiling_solver_aarch64 (and _x86_64) and https://gitcode.com/HIT1920/TilingSolver/releases/download/latest/platform_info_aarch64 (and _x86_64), which are required by the tool and will execute remote code locally.

Issues (2)

E005

CRITICAL

Suspicious download URL detected in skill instructions.

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

CRITICAL

Analyzed

Jun 16, 2026, 05:19 PM

Issues

2

Security Audit — snyk — external-cannbot-ops-aiss-tiling-solver