databricks-zerobus-ingest
Warn
Audited by Snyk on Jul 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs runtime installation of remote packages that will fetch and execute code (e.g., "%pip install databricks-sdk>=... databricks-zerobus-ingest-sdk>=..." and "pip install databricks-zerobus-ingest-sdk>=1.0.0", as well as "npm install @databricks/zerobus-ingest-sdk" and "go get github.com/databricks/zerobus-sdk-go"), which are required dependencies and therefore fetch/execute remote code from registries such as PyPI (e.g. https://pypi.org/project/databricks-zerobus-ingest-sdk) during skill runtime.
Issues (1)
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata