skills/beaverslab/beaver-skill/beaver-claw-backup/Snyk

beaver-claw-backup

Warn

Audited by Snyk on Mar 26, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The skill invokes and relies on an external package that is fetched and executed at runtime via bunx/npx (e.g., "bunx @beaverslab/claw-backup" / "npx @beaverslab/claw-backup@latest"), which means remote code is run as a required dependency and is therefore flagged.

Issues (1)

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Mar 26, 2026, 06:46 AM

Issues

1