ui-ux-pro-max

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] BENIGN: The fragment describes a design-intelligence skill with coherent capabilities, normal installation approaches, and data flows that align with generating a design system and providing UX guidance. No suspicious data collection, credential handling, or external network exploitation is evident in the provided text. Security risk remains low given the information provided. LLM verification: The README itself is benign documentation for a UI/UX skill, but it directs users to execute a bundled Python script whose implementation and network endpoints are not provided. That creates a moderate supply-chain risk: running the script could lead to arbitrary code execution, local data access, or network exfiltration. Prior to use, inspect the script, verify provenance (repo/checksum), and run it with limited privileges or in a sandbox. If the script is audited and only calls known, safe pub