skills/dotnet/skills/use-js-interop/Snyk

use-js-interop

Fail

Audited by Snyk on Jun 13, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

Malicious code pattern detected (high risk: 1.00). The content includes an explicit clipboard-monitoring snippet that reads clipboard text and invokes a DotNetObjectReference (which on Blazor Server will transmit that data to the server/circuit), creating a clear data-exfiltration vector; no obfuscated payloads or remote-exec/backdoor constructs were found beyond that privacy-invasive callback.

Issues (1)

E006

CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata

Risk Level

CRITICAL

Analyzed

Jun 13, 2026, 03:06 AM

Issues

1

Security Audit — snyk — use-js-interop