salamander-strategy

Fail

Audited by Snyk on Jun 28, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.90). These URLs point to a GitHub repository and raw.githubusercontent.com links that the README instructs you to curl and execute (pull raw Python scripts into your runtime); while GitHub and senpi.ai may be legitimate, downloading and running raw code from an unverified/unknown account is a high-risk vector for malware unless you verify the repo's trust, signatures, commit history, and contents first.

Issues (1)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 28, 2026, 08:48 PM
Issues
1
Security Audit — snyk — salamander-strategy