skills/openclaw/skills/neon-postgres/Snyk

neon-postgres

Warn

Audited by Snyk on Apr 7, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs the agent to fetch Neon documentation at runtime (e.g., https://neon.com/docs/llms.txt and https://neon.com/docs/introduction/branching.md), meaning remote markdown would be loaded into the agent context and could directly control prompts/responses.

Issues (1)

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 7, 2026, 01:57 AM

Issues

1

Security Audit — snyk — neon-postgres