Skills
skills/google-gemini/gemini-skills/gemini-api-dev/Snyk

gemini-api-dev

Warn

Audited by Snyk on Mar 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.70). The skill explicitly instructs fetching the external documentation index (https://ai.google.dev/gemini-api/docs/llms.txt) and its linked .md.txt pages at runtime to discover API specs and guide implementation, meaning remotely fetched content can directly control prompts/behavior.

Issues (1)

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 28, 2026, 03:05 PM
Issues
1