skills/membranedev/application-skills/volterra/Snyk

volterra

Warn

Audited by Snyk on May 1, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.80). The skill requires installing and running the Membrane CLI package fetched and executed at runtime (npm install -g @membranehq/cli@latest or npx @membranehq/cli@latest), which downloads and runs remote code as a required dependency.

Issues (1)

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 1, 2026, 11:40 AM

Issues

1

Security Audit — snyk — volterra