blockrun

Fail

Audited by Socket on Feb 16, 2026

1 alert found:

Malware: HIGH
SKILL.md

[Skill Scanner] Installation of third-party script detected

All findings:
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

This skill’s stated purpose (route requests to external models and charge via an autonomous wallet) is coherent with its examples, but multiple red flags require caution: it explicitly avoids requiring user API keys by operating a payment/gateway layer (a sensitive, high‑trust role), stores a local wallet session file, and does not document the actual network endpoints or custody model. That design can be abused for data capture or financial misdirection. I rate it suspicious: review the SDK source code, verify the package author and PyPI/project repository, inspect network endpoints, and ensure the wallet keys are locally encrypted and under user control before trusting it with sensitive prompts or funds.

LLM verification: The BlockRun skill conceptually enables monetized, multi-provider external capabilities, but exhibits governance and supply-chain risks (unverified external script installs, unpinned dependencies, wallet-centered data exposure, and vague data governance). Until a vetted, reproducible, and auditable secure version is provided (with pinned dependencies, authenticated installers, clear consent/data handling, and restricted data paths), treat this artifact as Suspicious-to-Moderately-Suspicious and

Confidence: 95%
Severity: 90%

Audit Metadata
Analyzed At: Feb 16, 2026, 01:09 PM
Package URL: pkg:socket/skills-sh/automindtechnologie-jpg%2Fultimate-skill.md%2Fblockrun%2F@169cb5ea4c4c7dbd28eefc212842fca339ea769e