yuv-design-system
Warn
Audited by Snyk on Jun 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs runtime cloning and execution of the canonical repo (git clone https://github.com/hoodini/yuv-design-system.git and then running scripts/install-skill.sh / ensure-assets.sh), which fetches remote code and runs it as a required dependency, so this is a high-confidence runtime code-execution dependency.
Issues (1)
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata