cookbook-audit
Audited by Socket on Feb 21, 2026
1 alert found:
Security [Skill Scanner] Installation of third-party script detected

All findings:
[HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4]
[HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4]
[HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4]
[HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4]
[HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4]

This skill is internally consistent with its stated purpose: auditing Cookbook notebooks using a style guide and an automated validator. There are no signs of embedded malicious behaviors in the SKILL.md fragment itself. The main risk is operational: running the referenced local validator script and detect-secrets plugins without first reviewing their code could execute arbitrary actions or leak sensitive values (particularly if the environment or .env files contain secrets). Follow standard supply-chain hygiene: inspect the scripts, run in an isolated environment, and avoid exposing production secrets to the audit run.

LLM verification: The skill is legitimate in intent (an audit workflow for Cookbook notebooks) and includes positive controls (detect-secrets, style guide). I found no direct malicious code or backdoors in the provided fragment. The main security concern is supply-chain and execution risk: unpinned pip installs and running custom detect-secrets plugins could lead to arbitrary code execution if an attacker compromises an upstream package or plugin. Mitigations: pin dependencies with a lockfile, vet custom plugins,