dbc

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). Although the GitHub and Apache Arrow links are legitimate, the skill instructs piping/execing remote install scripts (install.sh and install.ps1) from dbc.columnar.tech—directly downloading and executing .sh/.ps1 from a non-major domain is a high-risk pattern that can distribute malware.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The prompt directs the agent to install system-level software (including piping remote install scripts to sh) and explicitly uses a PowerShell "ExecutionPolicy ByPass" invocation, which bypasses a security mechanism and can modify the machine state, so it should be flagged.