1k-new-skill
Warn
Audited by Snyk on Mar 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill explicitly requires using WebFetch at runtime to retrieve and "extract key guidelines" from https://code.claude.com/docs/en/skills and https://platform.claude.com/docs/en/agents-and-tools/agent-skills/best-practices, meaning remote content is fetched and used to control the agent's prompts/instructions and is a required dependency.
Audit Metadata