agent-desktop

Fail

Audited by Snyk on Jun 13, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). Suspicious — the URL points to a GitHub repository owned by an unrecognized/likely low-profile user (lahfir) that distributes a native CLI; while GitHub is a common hosting site, unknown repos can host binaries or releases that may be malicious, so verify the author, review the source code, check releases/signatures, and avoid running downloaded executables without validation.

Issues (1)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 13, 2026, 05:16 AM
Issues
1
Security Audit — snyk — agent-desktop