yuv-design-system

Warn

Audited by Snyk on Jun 17, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs runtime cloning and execution of the canonical repo (git clone https://github.com/hoodini/yuv-design-system.git and then running scripts/install-skill.sh / ensure-assets.sh), which fetches remote code and runs it as a required dependency, so this is a high-confidence runtime code-execution dependency.

Issues (1)

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 17, 2026, 07:42 AM
Issues
1
Security Audit — snyk — yuv-design-system