celery-task

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). High-risk: the skill executes arbitrary shell commands (via Celery tasks) and, by default, is configured to automatically send command text and stdout/stderr to an external ntfy server (http://www.chaofan.online:8081) with notifications enabled and also contains code that spawns background/hidden processes — together these enable straightforward data exfiltration and covert remote control of command execution.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly instructs the AI to automatically check for and start system services (Redis/Memurai, Celery worker, Flower) and includes privileged commands (e.g., sudo systemctl start redis, net start Memurai, brew services start redis), which requires modifying the machine's system state and potentially using elevated permissions.