Skills
skills/delphine-l/claude_global/claude-collaboration/Snyk

claude-collaboration

Warn

Audited by Snyk on Mar 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs cloning/pulling central git repositories (e.g., git@github.com:team/claude-metadata.git and git@github.com:your-org/claude-team-skills.git), which fetch SKILL.md files that are loaded into Claude's session context and thus directly control the agent's prompts/instructions as a required external dependency.

Issues (1)

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 15, 2026, 01:25 AM
Issues
1