llama-cpp

skills-sh:davila7_claude-code-templates__llama-cpp

View source

92/100

First Seen

Feb 18, 2026

Last Scanned

Feb 20, 2026

Findings

Score

92/100

MEDIUM 1

LOW 1

Findings (2)

MEDIUM

Git clone and execute chain SUPPLY_012

supply-chain L36

Detects git clone of repositories followed by execution of cloned content

git
clone https://github.com/ggerganov/llama.cpp + cd
llama.cpp
make
#

FIX

Review the dependency tree for nested or transitive dependencies that introduce risk. Use tools like npm audit or pip-audit to identify known vulnerabilities in the dependency chain.

FP?

Likely FP if the flagged dependency is a standard, widely-used library with no known vulnerabilities at the time of scanning.

LOW

System package manager install EXTDL_011

external-download L32

Detects system-level package installation via brew, apt, yum, or dnf

brew
install
l

FIX

Pin system packages to specific versions where the package manager supports it. Document the exact packages required and prefer containerized environments to avoid system-wide changes.

FP?

Likely FP if the match is standard setup documentation listing well-known system packages (e.g., apt install git curl) that are prerequisites.