unit-3-hyprland-nier-rice

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These URLs include a raw GitHub-hosted shell script and a user repository from an unknown account (and a short/uncertain domain ara.so) — fetching and piping a remote install.sh (bash <(curl ...)) or running code from an unreviewed clone is a high-risk pattern because it can execute arbitrary, potentially malicious commands on your system.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required "Quick Install" step fetches and executes a public GitHub-hosted installer (bash <(curl -fsSL https://raw.githubusercontent.com/samyns/Unit-3/main/install.sh)), which clearly ingests untrusted, user-controlled third-party content that can alter behavior and drive subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's Quick Install runs bash <(curl -fsSL https://raw.githubusercontent.com/samyns/Unit-3/main/install.sh) (and the manual path clones https://github.com/samyns/Unit-3.git then runs install.sh), which fetches and executes remote code at runtime, so the external URLs directly control execution.