aurakit

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The links are to an npm package and a GitHub repo (legitimate channels) but come from an unvetted/individual account and the instructions (npx and git clone && bash install.sh) will download and immediately execute code from that unknown source, so they can be used to distribute malware.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's install commands fetch and execute remote code at runtime (npx @smorky85/aurakit and git clone https://github.com/smorky850612/Aurakit.git && bash install.sh), so the referenced GitHub (https://github.com/smorky850612/Aurakit) and npm package are runtime dependencies that can execute remote code and thus pose risk.