zerobus-ingest

Fail

Audited by Socket on Feb 16, 2026

1 alert found:

Malware (severity: HIGH)
SKILL.md

[Skill Scanner] Installation of third-party script detected

All findings:
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]

Analysis: This skill/documentation is consistent with its stated purpose: building Zerobus ingest clients that authenticate to a Databricks Zerobus gRPC endpoint and write to Unity Catalog Delta tables. I find no direct malicious code or obfuscation in the provided content. The primary security concerns are operational: (1) the requirement to provide a service principal id and secret (legitimate for authentication) demands secure handling — do not hardcode secrets into scripts or check them into source control; (2) reusing Databricks cluster/context state (cluster_id/context_id) can persist sensitive state or secrets if contexts are shared or not properly isolated; and (3) executing pip installs on a cluster should be reviewed to avoid installing malicious third-party packages. Overall, behavior appears benign for the documented purpose but carries moderate operational risk if secrets and execution contexts are mishandled.

LLM verification: No evidence of deliberate malicious code in the provided skill content. The primary risks are operational and supply-chain: unpinned pip installs, insecure examples that encourage embedding service principal secrets in scripts, reuse of remote execution contexts that may persist secrets, and lack of documented trust model for MCP execution tools. Recommend: (1) always use pinned package versions and verify package provenance; (2) never hardcode secrets — use Databricks secret scopes or environme

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At
Feb 16, 2026, 04:14 PM
Package URL
pkg:socket/skills-sh/databricks-solutions%2Fai-dev-kit%2Fzerobus-ingest%2F@eadda4d4a069af913679cdf13464a5b1005e4465