transcript-fixer

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). Yes — two of the links are direct install scripts (install.sh and install.ps1) hosted on an unrecognized domain (astral.sh) and promoted with curl | sh / PowerShell | iex (classic high-risk remote-install pattern); open.bigmodel.cn may be an API portal but does not mitigate the danger of running unreviewed remote scripts, so this combination is suspicious.