memoire-mcp-agent-skills
Warn
Audited by Snyk on Jul 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill includes runtime install/run commands (e.g., "npm i -g @memi-design/cli" and "npx skills add sarveshsea/memi") which will fetch and execute remote code from the listed URLs such as https://www.npmjs.com/package/@memi-design/cli and https://github.com/sarveshsea/memi/tree/main/skills/memoire-design-tooling, so these external URLs are required runtime dependencies that can control agent behavior.
Issues (1)
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata