Unpinned Dependencies
Low
- Category: Supply Chain
- Content: jsonschema>=4.19.0 pyyaml>=6.0 jinja2>=3.1.0
- Confidence: 89%
- Finding: jsonschema>=4.19.0
Security audit
Security checks across malware telemetry and agentic risk
This is a coherent form-building skill with dependency and untrusted-template cautions, but no evidence of hidden, destructive, persistent, or unrelated behavior.
Install only if you are comfortable managing Python dependencies yourself. For production use, pin reviewed versions of jsonschema, PyYAML, and Jinja2, and do not load form configs or render templates from untrusted sources unless you add validation and sandboxing.
66/66 vendors flagged this skill as clean.
No suspicious patterns detected.