skills/gemini-cli-extensions/cloud-sql-postgresql/cloud-sql-postgres-data/Snyk

cloud-sql-postgres-data

Warn

Audited by Snyk on Apr 28, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The scripts invoke npx to fetch and run the remote npm package "@toolbox-sdk/server@1.1.0" at runtime (via npx), which downloads and executes remote code required for the skill, so this external package (@toolbox-sdk/server@1.1.0) is a runtime dependency that can execute code.

Issues (1)

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 28, 2026, 10:15 PM

Issues

1