skills/xiaolai/claude-agent-sdk-skill-autoupdated/claude-agent-sdk/Snyk

claude-agent-sdk

Warn

Audited by Snyk on May 30, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The skill's research agent explicitly uses the GitHub API at runtime (e.g. https://api.github.com/repos/anthropics/claude-agent-sdk-python/issues) — fetching issue bodies/comments which are injected into the agent's context and used to drive documentation/behavior, so remote content can directly control agent outputs.

Issues (1)

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 30, 2026, 04:55 PM

Issues

1

Security Audit — snyk — claude-agent-sdk