fdk-setup
Audited by Socket on Feb 24, 2026
1 alert found:
Malware [Skill Scanner]: Pipe-to-shell or eval pattern detected

All findings:
- [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4]
- [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4]
- [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
- [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
- [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

The skill's stated purpose (managing FDK lifecycle) aligns with the capabilities it describes, but its execution model and some implementation choices present notable supply-chain and operational risks. High-risk patterns: executing a remote install script via curl | bash, installing unpinned packages from a third-party CDN, and auto-spawning shell subagents that perform privileged, global changes without asking for user confirmation. There is no evidence of deliberate credential harvesting or obfuscated malicious code in the provided text, so confirmed malware likelihood is low. However, because of the download-and-execute patterns and autonomous shell execution, this skill should be treated as suspicious and high-risk for supply-chain abuse and unintended system modification unless modified to require user confirmation, verify downloads (checksums/signatures), and avoid pipe-to-shell installs.

LLM verification: The skill content is coherent with an automated deployment/management tool for FDK, Node.js, and nvm; however, it relies heavily on remote, unpinned installers and inline shell scripting patterns (curl|bash, direct npm install from CDN, external install scripts) that pose substantial supply-chain and execution risks. These patterns are suspicious and warrant scrutiny before enabling autonomous execution. If allowed in practice, they should be sandboxed, require explicit user consent, pin/verify