cli-anything-3mf

Fail

Audited by Snyk on Jun 30, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.80). This is suspicious: it points to a direct pip-install from an unverified GitHub repository (HKUDS/CLI-Anything) which can execute arbitrary install-time code and appears to be from an unknown account without proven reputation—verify the repo, inspect the source/setup files, and prefer published packages on official registries before installing.

Issues (1)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 30, 2026, 10:52 PM
Issues
1
Security Audit — snyk — cli-anything-3mf