skills/willbooster/agent-skills/check-pr-ci/Snyk

check-pr-ci

Warn

Audited by Snyk on Apr 23, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The skill invokes "bunx @willbooster/agent-skills@latest check-pr-ci", which fetches and executes the remote npm package @willbooster/agent-skills (e.g. https://www.npmjs.com/package/@willbooster/agent-skills) at runtime, so external code can directly control agent behavior.

Issues (1)

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 23, 2026, 06:12 PM

Issues

1

Security Audit — snyk — check-pr-ci