setup

[Skill Scanner] Pipe-to-shell or eval pattern detected All findings: [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4] [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] This skill README is coherent with its stated purpose (installing and configuring casedev CLI) and requests credentials that are proportional to that purpose. However, it contains high-risk supply-chain guidance: an unpinned curl|bash install from raw.githubusercontent.com and features (like --api-url override and raw API calls) that can be used to exfiltrate API keys or data if the installer or CLI configuration are tampered with. There is no evidence in the README of active malicious code, obfuscation, or embedded exfiltration; the primary risks are supply-chain (download-and-execute) and operational (credential forwarding via custom API URLs). Recommend treating the README as SUSPICIOUS: avoid using the pipe-to-shell installer unless the script is audited/pinned and warn users about overriding api-url and storing keys in config.json. LLM verification: The documentation is a legitimate installation and usage guide for a CLI that handles sensitive credentials and networked legal AI services. Key findings: 1) The curl | sh installation recommendation is a notable supply-chain risk and should be avoided or replaced with verified-install instructions (e.g., checksummed downloads, detached signatures, or Homebrew from a verified tap). 2) The CLI's flexible overrides (--api-url, --api-key) and documented config path are correct for functionality but