masterhttprelayvpn-rust

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). The bundle includes prebuilt binaries/APKs distributed via a GitHub releases page from a non-mainstream account plus instructions to install a local MITM CA and run executables — which are high-impact actions that make these download sources potentially unsafe despite other links being legitimate (GitHub, script.google.com, httpbin.org).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The README explicitly instructs copying/deploying the remote Apps Script code at https://github.com/therealaleph/MasterHttpRelayVPN-RUST/blob/main/assets/apps_script/Code.gs into Google Apps Script, which causes externally hosted code to be executed as the required runtime relay for the skill.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs installing a MITM root CA with sudo/Administrator privileges and creating/enabling a systemd service by writing to /etc/systemd/system, both of which require elevated privileges and modify the system trust and service state—actions that can compromise the machine.