snyk-fix

Fail

Audited by Socket on Mar 7, 2026

1 alert found:

Obfuscated File (HIGH)
SKILL.md

The skill presents a coherent, purpose-aligned orchestration for Snyk-based remediation with single/batch modes and PR workflow. Its footprint is proportionate to the described functionality: it relies on official tools and registries (Snyk MCP, GH) and operates within project scope (code and dependency fixes). The security surface is normal for a remediation tool, centered on authenticated access to Snyk and GitHub, with data flowing from scans to fixes and validation. There are no explicit malicious patterns detected (no unverified binaries, no credential harvesting beyond standard API keys/tokens, and no direct external data exfiltration). Overall assessment: BENIGN to SUSPICIOUS depending on unknown specifics of credential handling and internal network calls; given the combination of required authenticated services and PR workflows, treat as SUSPICIOUS if credentials or tokens are not properly managed, but BENIGN if following standard secret management and official endpoints.

Confidence: 98%

Audit Metadata

Analyzed At: Mar 7, 2026, 08:47 PM
Package URL: pkg:socket/skills-sh/snyk%2Fstudio-recipes%2Fsnyk-fix%2F@2d21deff48efdae03030cb11ba6f9ac30ad67846