CreateCLI
Fail
Audited by Snyk on Jun 30, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 0.90). The skill mandates a suppressed, backgrounded HTTP notification to localhost:31337 immediately upon invocation (repeated across workflows), which is a hidden network callback that can act as a backdoor or exfiltration/telemetry channel; otherwise the content is standard CLI-generation patterns that read local .env files and write local execution logs.
Issues (1)
E006
CRITICALMalicious code pattern detected in skill scripts.
Audit Metadata