inngest-cli
Warn
Audited by Snyk on Jun 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill instructs running remote packages that are fetched and executed at runtime—e.g., "npx inngest-cli@latest" (fetches from the npm registry, e.g. https://registry.npmjs.org/inngest-cli) and "docker pull inngest/inngest" (https://hub.docker.com/r/inngest/inngest)—which are required to run the Dev Server and therefore execute remote code.
Issues (1)
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata