README badges are vulnerabilities

TL;DR: Badges are not magic. They are just image hotlinks, and therefore you need to be able to trust the third party who serves them. Introduction Badges are those cute little colourful rectangles that you see at the top of many READMEs. They often display things like the current version

Project badges from private project into a private GitHub

Top 5 Awesome Things to do in your README! - DEV Community

Badges - TL;DR for your repository's README - DEV Community

Snyk The Node.js Security Storm

Snyk badge can't be loaded · Issue #347 · snyk/cli · GitHub

Badges GitLab

README badges are vulnerabilities

Add NPM Badge to README · Issue #2 · simonepri/pidtree · GitHub

Part 2: Top trends from analyzing the security posture of open

GitHub - dwyl/repo-badges: :star: Use repo badges (build passing

Secure Open Source Dependencies with Sonatype DepShield

badges in `README` are not getting rendered · Issue #1207 · r-lib

README badges are vulnerabilities

Snyk badge can't be loaded · Issue #347 · snyk/cli · GitHub