desktop-app-testing

Fail

Audited by Snyk on Jun 19, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.90). Yes — this is a direct HTTP link to an .exe served from an untrusted/unnamed host (dookie:PORT) with no HTTPS, signature, or provenance, which is a common vector for distributing malware in drive-your-VM workflows.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill explicitly shows a runtime PowerShell fetch of an executable (Invoke-WebRequest -Uri 'http://dookie:PORT/app.exe') which downloads a binary into the agent VM that the workflow then unblocks and launches, so the URL supplies remote code that is executed and is a required dependency.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill explicitly instructs the agent to perform numerous destructive, state-changing operations (Start-Process, Process kill, create firewall allow rules, Unblock-File, boot VMs via docker-compose over SSH, etc.) that require elevated/admin privileges and modify the host/guest system, so it pushes the agent to compromise machine state even if gated by the gateway.

Issues (3)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 19, 2026, 02:12 AM
Issues
3
Security Audit — snyk — desktop-app-testing