nv-segment-ct-finetune
Warn
Audited by Snyk on Jun 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill's runtime (scripts/run_finetune.py) explicitly fetches https://raw.githubusercontent.com/NVIDIA-Medtech/NV-Segment-CTMR/main/NV-Segment-CT/configs/label_dict.json via urllib and can call huggingface_hub.snapshot_download to pull the nvidia/NV-Segment-CT bundle from https://huggingface.co, and those fetched bundle configs/models are used at runtime to configure and drive monai.bundle runs (i.e., external assets materially affect execution).
Issues (1)
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata