postgresql-engineering
Warn
Audited by Snyk on May 14, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill includes an explicit install step that runs "git clone --branch v0.8.2 https://github.com/pgvector/pgvector.git" followed by "make && make install", which fetches remote code from https://github.com/pgvector/pgvector.git and executes it as a required dependency (pgvector extension).
Issues (1)
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata