skills/microsoft/hve-core/customer-card-render/Snyk

customer-card-render

Fail

Audited by Snyk on May 1, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

Suspicious download URL detected (high risk: 0.90). These are direct install scripts (.sh/.ps1) hosted on a third‑party domain (astral.sh) and the recommended curl|sh / irm|iex pattern executes remote code immediately — a common high‑risk vector unless you fully trust and inspect the source.

Issues (1)

E005

CRITICAL

Suspicious download URL detected in skill instructions.

Audit Metadata

Risk Level

CRITICAL

Analyzed

May 1, 2026, 11:58 AM

Issues

1