wavybaby
Audited by Socket on Feb 15, 2026
1 alert found:
Security [Skill Scanner]: Detected role reassignment attempt

The descriptor conceptually aims to enhance Claude Code with CoVe and dynamic skill discovery, but the proposed auto-installation of unvetted skills and MCP servers, plus automatic config changes, creates substantial supply-chain and runtime risks. Without explicit consent, provenance verification, and safety gates, this design should be treated as suspicious. Safer alternatives include opt-in behavior, sandboxed skill installation, and strict integrity checks.

LLM verification: The fragment presents an ambitious but insecure pattern: unconditional external skill discovery/installation and MCP server deployment, with only high-level CoVe concepts and no concrete safeguards. This configuration could enable supply-chain compromise, unauthorized infrastructure changes, or data exposure. It should be treated as high-risk and require explicit user consent, strong provenance controls, and bounded automation before any production use.