flow-next-impl-review

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). This skill auto-sends full file contents (including changed files and possibly secrets) to external backends (RepoPrompt/Codex), mandates automatic, unconfirmed code fixes and commits, and evals/execs flowctl output — together these behaviors enable easy data exfiltration, credential leakage, and unauthorized/silent introduction of supply‑chain/backdoor changes.