plannotator

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The set includes a direct installer shell (https://plannotator.ai/install.sh) and instructions to run remote install scripts from a small/unknown project (github.com/backnotprop/plannotator), which is a high‑risk pattern even though some links (Obsidian, GitHub README, opencode schema) are benign; running an unchecked remote .sh from an untrusted domain can install malware.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's install instructions fetch and execute remote installer code at runtime (e.g., curl -fsSL https://plannotator.ai/install.sh | bash and irm https://plannotator.ai/install.ps1 | iex), which runs remote code required to install the CLI and hook into agent workflows.