slides-generator

[Skill Scanner] URL pointing to executable file detected All findings: [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4] [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4] [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4] [HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4] The skill's described functionality is plausible and aligned with its purpose, but the distribution/execution pattern (curl | bash from a raw.githubusercontent.com URL, unpinned, no integrity checks) is a high-risk supply-chain pattern. There is no direct evidence of malicious code in the provided text, but executing remote scripts at runtime creates a significant exposure to code injection or exfiltration if the hosted script or the upstream account is compromised. Treat this as suspicious/high risk and avoid running the suggested command without auditing the remote script and adding integrity controls. LLM verification: Functionality matches its stated purpose (markdown -> branded PDF with Mermaid). However, the documented installation/execution method uses an unverified download-and-execute pattern (bash <(curl ... raw.githubusercontent.com ...)) plus unpinned global installs (npm -g, pip3). That combination is a supply-chain risk: executing remote code without integrity checks can lead to arbitrary code execution, credential harvesting, or other malicious actions. The skill should be treated as suspicious unt