bmad-cis-design-thinking

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill intentionally executes resolved customization entries and a resolved on_complete instruction (via python calls) and loads arbitrary project files, creating a clear remote-code-execution/backdoor vector that could be used to read sensitive files or perform exfiltration even though no explicit network exfiltration code is present in the skill itself.