deepagent
Audited by Socket on Feb 16, 2026
1 alert found:
Malware
[Skill Scanner] Installation of third-party script detected

All findings:
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]

The documentation contains multiple high-risk examples and anti-patterns (notably eval() and guidance to execute arbitrary code or perform privileged filesystem/sysadmin operations) without showing secure mitigations. While not directly malicious, these examples can lead to severe security issues (remote code execution, data exfiltration, destructive operations, SSRF) if copied into production.

Recommendations: avoid eval(); implement safe-eval libraries or expression parsers; enforce strict sandboxing (containerization, limited-process privileges); validate and normalize paths and URLs; implement RBAC and explicit user confirmations for destructive actions; add auditing, output filtering (secrets detection), timeouts, and size limits for network responses. Treat the docs as potentially dangerous guidance and do not reuse examples unchanged.

LLM verification: This SKILL.md is primarily documentation and examples for building DeepAgent skills. It is not itself executable malicious code, but it contains several unsafe example patterns that — if implemented without safeguards — enable high-risk behavior: arbitrary code execution via eval or run_python, arbitrary filesystem reads/writes, and unrestricted network fetches (SSRF/exfiltration). The presence of sysadmin tools and unpinned pip install instructions increases supply-chain and privilege risks. Re