token-guard

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). These are GitHub repositories from an unverified/unknown user that include shell scripts and instructions to clone and execute code—GitHub lowers risk compared to anonymous file hosts, but running unreviewed .sh scripts from an unfamiliar account is a realistic malware vector.