moru

This skill is documentation for the Moru CLI and sandbox service. It does not contain executable code itself, nor does it directly perform network requests or credential harvesting. The primary security concern is the install recommendation using a curl|bash pipe-to-shell, which is a supply-chain risk because it runs remote code without verification. Other risks are moderate and expected for a cloud sandbox service: environment variables (API keys/tokens) and persistent volumes may expose secrets or data to the provider. There is no evidence of malicious intent, exfiltration to third-party attacker-controlled endpoints, obfuscated payloads, or credential forwarding to unknown domains. Overall: low probability of malware, but moderate supply-chain/security risk due to unpinned installer and limited guidance on secret handling.