nav-install-multi-claude
Audited by Socket on Feb 16, 2026
1 alert found:
Malware [Skill Scanner] Destructive bash command detected (rm -rf, chmod 777)

All findings:

[CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4]
[CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
[CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]

The script correctly implements an installer workflow for multi-Claude scripts and contains no direct malicious code in the provided file. However, it performs an unsafe pattern: cloning remote code and executing the repository's install script without integrity or authenticity verification and with a fallback to the 'main' branch. This is a supply-chain security risk (arbitrary code execution from network). Mitigations should include pinning to a verified commit/tag, signature or checksum verification, explicit user consent before executing remote code, or sandboxed execution. Until such controls are added, treat installation via this script as potentially dangerous in adversarial contexts.

LLM verification: The installer script is functionally consistent with its stated purpose and does not contain obvious embedded malware or hardcoded secrets. However, it directly clones and executes an installer script from a GitHub repository (falling back to main when version detection fails) without verifying integrity. That behavior creates a supply-chain risk: if the remote repo or main branch is compromised, the installer will execute arbitrary code on the host. Recommend adding commit hashes or signatures,