media-analyze

该技能总体目的与能力基本一致：围绕话题做媒体检索并生成报告。主要风险不在安装链，而在数据流与执行方式：Tavily 调用正常，但微博检索使用非官方 Cookie/移动端接口，且技能会并行处理大量外部不受信内容并要求深抓全文，存在中等安全风险与较高注入/抓取合规面。判定为 SUSPICIOUS，而非确认恶意。

The media-analysis skill is functionally plausible but presents notable supply-chain and data-security risks, primarily due to the remote installer pattern and API key handling. To reduce risk, replace curl | bash installers with signed, verifiable installers or containerized deployment, implement secure key management with secret storage and access controls, and add explicit input validation, rate limiting, and data minimization practices. A thorough code review of install.sh and subagent components is essential before deployment.

The installer script itself is not overtly malicious: it performs expected installation steps (create directories, download files, set executable bit, print usage). However it represents a moderate software supply-chain risk because it fetches executable code from a single remote GitHub user repository and makes it executable without integrity verification, user review, or sandboxing. The true danger depends entirely on the contents of the downloaded analyze.sh (and other files). Recommend reviewing those downloaded files before execution, using pinned commit URLs or signatures/checksums, and adopting safer installation patterns (prompting, verification, sandboxing).