agent-eval
Warn
Audited by Snyk on Mar 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.70). The skill instructs users to pip install code from a remote GitHub repository (git+https://github.com/joaquinhuigomez/agent-eval.git@6d062a2f5cda6ea443bf5d458d361892c04e749b), which fetches and installs third-party code that will be executed at runtime by the agent-eval CLI, so this external URL is a required runtime dependency that executes remote code.
Issues (1)
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata