nurec-fixer
Warn
Audited by Snyk on Jun 21, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly clones and runs code from the remote Git repository (https://github.com/NVIDIA/harmonizer) and builds/pulls and runs a remote runtime container (nvcr.io/nvidia/pytorch:25.10-py3), both of which fetch remote code/artifacts that are executed at runtime and are required dependencies.
Issues (1)
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata