plan-to-action

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill explicitly requires bypassing permission safeguards (--dangerously-skip-permissions) and instructs spawning fully autonomous subagents that can write, test, commit, and push without prompts—an intentional permission-bypass and automation pattern that is highly enabling of backdoors, unauthorized code modification, and supply‑chain abuse even though no explicit data exfiltration or remote‑exec payloads are present.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill explicitly instructs the user to enable a --dangerously-skip-permissions flag so autonomous subagents can write files, run tests, and commit without permission prompts, which is a direct bypass of security mechanisms that allows modifying the machine state.