lighthouse-ci
Warn
Audited by Snyk on Mar 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The GitHub Actions referenced in the workflow are fetched and executed at CI runtime—actions/checkout@v4 (https://github.com/actions/checkout), actions/setup-node@v4 (https://github.com/actions/setup-node), and treosh/lighthouse-ci-action@v11 (https://github.com/treosh/lighthouse-ci-action)—so external code is run and relied upon by the skill.
Issues (1)
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata