generative-ui
Warn
Audited by Snyk on Apr 11, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill's widget templates load and execute remote JavaScript at runtime (required for rendering) from CDN URLs — e.g. https://cdnjs.cloudflare.com/ajax/libs/Chart.js/4.4.1/chart.umd.js and the mermaid module https://esm.sh/mermaid@11/dist/mermaid.esm.min.mjs — so these external resources are fetched and execute code as required dependencies.
Issues (1)
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata