iii-bridge
Warn
Audited by Snyk on Jun 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The worker opens a long-lived outbound WebSocket to the configured URL (e.g., ws://0.0.0.0:49134) at runtime and registers/exposes local function IDs so the remote iii instance can invoke and thereby execute code on this engine, satisfying all conditions for a runtime external dependency that controls execution.
Issues (1)
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata