uv-tool-management

Fail

Audited by Socket on Feb 24, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Code execution from unpinned remote source (uvx/pipx + git URL)

All findings:

[CRITICAL] command_injection: Code execution from unpinned remote source (uvx/pipx + git URL) (CI014) [AITech 9.1.4]

[CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4]

[CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4]

[HIGH] supply_chain: Reference to external script with install/setup context (SC005)

This skill is a legitimate, instructional document about using 'uv' to manage Python CLI tools. However, it includes supply-chain risky patterns: notably a recommended curl | sh installer (unverified, unpinned) and many examples that fetch and execute packages or git repositories at runtime without checksum or provenance guidance. There is no evidence of active malware or obfuscation, but the skill's instructions encourage executing remote code and global installs which raises real supply-chain risk. Recommend treating the 'curl | sh' install as high risk (advise pinned releases/checksums or package manager installs) and caution users to verify package provenance before uvx / git installs.

LLM verification: This is documentation for a legitimate developer tool (uv) and its workflows; its stated purpose and capabilities are consistent. However the skill explicitly recommends high-risk supply-chain actions (curl | sh installer and running/installing code directly from git or unpinned versions). There is no evidence of embedded malicious code in the supplied artifact, but the installation and execution patterns it promotes are dangerous and increase supply-chain exposure. Treat the documentation as le

Confidence: 95%
Severity: 90%

Audit Metadata

Analyzed At: Feb 24, 2026, 05:29 PM
Package URL: pkg:socket/skills-sh/dawiddutoit%2Fcustom-claude%2Fuv-tool-management%2F@8ce3c5d25c62ea8368e5fa7a7106b6fff115f663