hook-builder

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These are suspicious: http://example.com/script.sh is an untrusted HTTP link to a shell script (direct-download of executable code is a common malware vector) and https://api.example.com/deploy is an API deploy endpoint that could trigger remote execution or accept credentials — both should be treated as high-risk unless from a verified trusted source.