officecli

Fail

Audited by Snyk on Jul 4, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.90). These links include direct install scripts (https://d.officecli.ai/install.sh, install.ps1 and raw.githubusercontent raw .sh/.ps1) and a personal project domain plus GitHub content from an unfamiliar account — the curl|bash and irm|iex install patterns and direct executables from non-official hosts are high-risk indicators for malware distribution.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The README's install commands fetch and execute remote install scripts (curl -fsSL https://d.officecli.ai/install.sh | bash and irm https://d.officecli.ai/install.ps1 | iex) which run remote code as part of installing the skill's required binary, so these URLs perform runtime code execution.

Issues (2)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jul 4, 2026, 04:21 PM
Issues
2
Security Audit — snyk — officecli