clean
Fail
Audited by Snyk on Feb 16, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). The workflow contains high-risk patterns. It launches a subagent that is given permission to read local dotfiles and project files (which could exfiltrate data or execute further actions), and it runs many shell commands (mv, rm -rf, mkdir, git) with insufficient sanitization/quoting and brittle path validation. If the agent or manifest is tampered with, this creates realistic opportunities for data exfiltration, remote code execution or destructive filesystem changes.
Audit Metadata