daily-planner

Fail

Audited by Socket on Feb 20, 2026

2 alerts found:

Malware, Obfuscated File

Malware HIGH
SKILL.md

[Skill Scanner] Installation of third-party script detected. SUSPICIOUS. The skill's stated purpose aligns with its capabilities, but it contains high-risk operational practices: a hardcoded AI API key in the SKILL.md, hardcoded sender/recipient addresses, and instructions to install packages with sudo pip3. Those patterns increase the chance of credential leakage and unauthorized use of the AI account and email sending. Because the skill transmits local goal data to external services and a fixed external email, it can be used to exfiltrate sensitive information if misused. Without the actual script files, we cannot confirm active malicious code, but the credential exposure and single hardcoded recipient make this package suspicious and warrant review and remediation (remove hardcoded secrets, use environment/secret store, make recipient configurable, avoid sudo pip installs).

LLM verification: The skill's functionality is coherent and matches its stated purpose, but it shows multiple serious security hygiene and supply-chain concerns: a plaintext API key in metadata, hard-coded email addresses, and insecure installation instructions ('sudo pip3 install'). These create a realistic risk of sensitive data exfiltration to external AI services and fixed recipients and increase supply-chain attack surface. No explicit signs of active malicious code were present in the provided fragment, but

Confidence: 95%
Severity: 90%

Obfuscated File HIGH
references/email_config.json

This file contains hard-coded SMTP credentials and a recipient address. While not malicious code by itself, it substantially increases attack surface and enables authenticated email sending and potential data exfiltration if consumed by an application. Assume credentials are compromised: revoke and rotate them, remove the secret from source control (and purge history), and adopt secret management practices. No obfuscated or runtime malicious code detected in this fragment.

Confidence: 98%

Audit Metadata

Analyzed At: Feb 20, 2026, 07:30 AM
Package URL: pkg:socket/skills-sh/ethansage0618%2Fdaily_planner_qh%2Fdaily-planner%2F@2f9af286eabdcc9144764637719e221a1c8bde5e