syncx

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). This is a third‑party GitHub repository from an unknown/unverified account that instructs you to run repository scripts and supply credentials (via .env), so executing its code carries nontrivial risk of arbitrary code execution or credential exfiltration despite being on GitHub.