find-skills
Audited by Socket on Feb 21, 2026
1 alert found:
Malware [Skill Scanner] Natural language instruction to download and install from URL detected
The fragment is coherent with its stated purpose of guiding users to discover and install open agent skills. It presents expected CLI commands and external resources in a user-supporting role, with no malicious or high-risk behaviors. Overall, it is benign and appropriate for a skill description resource.
LLM verification: The SKILL.md is a benign documentation file that accurately describes how to find and install agent skills. It does not include executable or obfuscated code, nor does it directly exfiltrate data. However, it explicitly instructs users to download-and-execute third-party code via `npx skills add` and recommends global and unattended installation flags (-g -y), which materially increases supply-chain risk. The immediate document is not malicious, but the workflow it promotes is a medium-level sec