playcanvas-engine
Warn
Audited by Snyk on Feb 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill includes runtime script loads that execute remote code and are required for functionality — e.g., PlayCanvas engine loaded via https://code.playcanvas.com/playcanvas-stable.min.js and Ammo.js loaded via https://cdn.jsdelivr.net/npm/ammo.js@0.0.10/ammo.js — which fetch and run external code at runtime.
Audit Metadata