content-writer

Fail

Audited by Snyk on May 29, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). Most links are benign documentation, images and well-known services, but the presence of multiple GitHub repos from small/unknown accounts plus a direct npm tarball (registry.npmjs.org/.../claude-content-writer-2.0.1.tgz) and install scripts that clone/run those repos are a notable delivery vector for malware if not vetted—treat as suspicious until the code/authors are verified.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). High-risk supply-chain/backdoor patterns: postinstall auto-runs an install script that git-clones external repos (claude-seo, humanizer) into the user's home and executes remote install scripts via execSync/bash without integrity checks or explicit user consent, and it also deletes/overwrites skill directories — this enables arbitrary remote code execution and a supply‑chain backdoor capable of exfiltration or system compromise.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The package's postinstall/install script auto-clones and installs external skill repositories (it runs git clone https://github.com/AgriciDaniel/claude-seo.git and git clone https://github.com/blader/humanizer.git and may run their install scripts), which fetches and executes remote code during setup and provides required runtime skills (claude-seo, humanizer) that the skill invokes in /writer:verify, so these URLs are used to pull remote code that directly affects runtime behavior.

Issues (3)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
CRITICAL
Analyzed
May 29, 2026, 05:48 AM
Issues
3
Security Audit — snyk — content-writer