Skills
skills/bighardperson/computer-science-skills-collection/Vision Sandbox/Snyk

Vision Sandbox

Fail

Audited by Snyk on Jun 3, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). These are GitHub repositories — one from an individual/unknown account (johanesalxd) and one a third‑party package (astral-sh/uv); although there are no direct .exe/.msi links, running or installing code from unvetted personal repos can carry supply‑chain or malware risk and should be code‑reviewed and executed only in a secure sandbox.

MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

  • Hidden Unicode characters detected (1 type(s) found)

Issues (2)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W021
MEDIUM

Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 3, 2026, 02:37 AM
Issues
2
Security Audit — snyk — Vision Sandbox