yak

Fail

Audited by Snyk on Jun 18, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This document describes MITM/hotpatch hooks and dynamic plugin loading that explicitly enable intercepting, modifying and mirroring HTTP traffic and running arbitrary Yaklang code in-process — capabilities that can be (and commonly are) used for data exfiltration, credential theft and creating backdoors/RCE.

Issues (1)

E006
CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 18, 2026, 04:14 PM
Issues
1
Security Audit — snyk — yak