weclaw-wechat-ai-bridge

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The set includes a direct curl|sh install from raw.githubusercontent.com for an unvetted repo (install.sh), plus placeholder/unverified endpoints and templates and instructions that expose an unauthenticated local API and run downloaded code — a common high-risk pattern for executing malware or exfiltrating credentials.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly includes sudo-backed systemd service installation (copying to /etc/systemd/system and running sudo systemctl enable --now), plus recommendations to disable permission prompts and expose the HTTP API without auth, which instructs modifying system state and enabling privileged/unsafe configurations.