swain-dispatch

Fail

Audited by Snyk on Mar 24, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). This skill explicitly automates sending repository artifact contents to an external LLM (Anthropic/Claude) and triggers GitHub Actions with write permissions, creating a high-risk capability for remote code execution, supply-chain modification, backdoor installation, and exfiltration of repository contents or secrets to an external service.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The workflow step "uses: anthropics/claude-code-action@v1" (https://github.com/anthropics/claude-code-action) is fetched and executed at runtime and directly controls agent prompts by acting on the issue body created by this skill; because the dispatch flow requires that action to run, it constitutes a required external runtime dependency that executes remote code and controls instructions.

Issues (2)

  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.
  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level: CRITICAL
Analyzed: Mar 24, 2026, 08:17 PM
Issues: 2