agent-sdk-python

Warn

Audited by Socket on Feb 24, 2026

1 alert found:

Security: MEDIUM
File: SKILL.md

[Skill Scanner] Installation of third-party script detected. This skill is documentation/guide for a legitimate Agent SDK and its capabilities appear consistent with the stated purpose. There is no evidence of embedded malware or obfuscated malicious code in the provided content. However, several risky patterns exist: unpinned installs of a CLI and Python package, broad/sensitive credential requirements (Anthropic, AWS, GCP), the ability to read and include local files in networked prompts, and an explicit 'bypassPermissions' mode plus examples that allow Bash/Write. These factors make the skill potentially dangerous if misconfigured or used without strict permission controls. Recommendation: treat as medium-risk (supply-chain and data-exfiltration exposure), require pinned packages, enforce permission callbacks, avoid bypassPermissions in production, and audit the external packages/CLI before installation.

LLM verification: This SKILL.md is a legitimate-looking integration guide for an Agent SDK and mostly aligns purpose with capabilities. However, there are multiple supply-chain and operational risk signals: unpinned package installs, recommending global CLI installation, explicit 'bypassPermissions' mode, guidance to set raw cloud credentials, and examples that allow high-risk tools (Bash, Write). These are not direct indicators of implanted malware, but they materially raise the chance of credential exposure, un

Confidence: 80%
Severity: 75%
Audit Metadata
Analyzed At
Feb 24, 2026, 05:25 PM
Package URL
pkg:socket/skills-sh/dawiddutoit%2Fcustom-claude%2Fagent-sdk-python%2F@30e05a84d268f878448dc50b6db95f59d9339647