ntm

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). Suspicious: the skill instructs curl|bash against a raw GitHub install.sh from an unfamiliar user (directly executing remote .sh is high-risk for malware distribution), and although hooks.slack.com is a legitimate webhook domain (not a download), the presence of an untrusted remote installer makes the overall source high risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill encourages executing system-level installers (curl|bash, brew, docker), defines arbitrary command hooks that run shell commands, and even includes config flags like "--dangerously-skip-permissions" and "--dangerously-bypass-approvals-and-sandbox", which together push the agent toward modifying system state and bypassing security protections.