README badges are vulnerabilities

TL;DR: Badges are not magic. They are just image hotlinks, and therefore you need to be able to trust the third party who serves them. Introduction Badges are those cute little colourful rectangles that you see at the top of many READMEs. They often display things like the current version

Code Repository Badges

jenkins-status-badges-plugin/README.md at master · yannickcr

repo-badges/README.md at main · dwyl/repo-badges · GitHub

Project badges from private project into a private GitHub

Sonarqube quality badges on gitlab - Stack Overflow

How To Get A Status Badge Of A Pipeline In Azure Devops

Using the API to add Codacy Grade details to the Readme - Codacy

Badges in the README are confusing · Issue #1079 · yegor256/takes

how can I get a release badge for my repository? · Issue #4293

Make your Github readme looks more Crazy with badges

More Badges please, I need Project Insights! - CI / CD 9

Badges for your projects - DEV Community

GitHub – How to display the status badge for a GitHub Action