sf-b2b-lwc

Warn

Audited by Snyk on Jun 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs the agent to "Web-fetch" live documentation at runtime and rely on the fetched content to shape component implementation (e.g., developer.salesforce.com/docs/component-library/documentation/en/lwc, developer.salesforce.com/docs/commerce/salesforce-commerce/guide/lwc-for-b2b.html, developer.salesforce.com/docs/platform/lwc/guide/reference-wire-adapters-intro.html), so these external URLs would directly control prompts/instructions during execution.

Issues (1)

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 29, 2026, 02:50 PM
Issues
1
Security Audit — snyk — sf-b2b-lwc