salamander-strategy
Fail
Audited by Snyk on Jun 28, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). These URLs point to a GitHub repository and raw.githubusercontent.com links that the README instructs you to curl and execute (pull raw Python scripts into your runtime); while GitHub and senpi.ai may be legitimate, downloading and running raw code from an unverified/unknown account is a high-risk vector for malware unless you verify the repo's trust, signatures, commit history, and contents first.
Issues (1)
E005
CRITICALSuspicious download URL detected in skill instructions.
Audit Metadata