profile-use

Fail

Audited by Snyk on Jun 30, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). Mixed: many links are benign (example.com, apple.com, json‑schema and the GitHub repo listing), but the raw GitHub script (raw.githubusercontent.com/.../install-app.sh), the templated GitHub release .dmg download and the custom bit.leeguoo.com host (and the odd short "https://x") are direct script/binary distribution vectors and should be treated as potentially risky until you verify the publisher, release artifact signatures, and the custom domain.

Issues (1)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 30, 2026, 02:01 PM
Issues
1
Security Audit — snyk — profile-use