competitor-teardown
Audited by Socket on Feb 19, 2026
1 alert found:
Malware [Skill Scanner] Pipe-to-shell or eval pattern detected

Benign and purposeful: The improved report describes a legitimate competitive teardown workflow using public data and an external CLI to generate market intelligence deliverables. The primary actionable risk is dependency on the external CLI's provenance and data-sharing policy, which should be validated before use.

LLM verification: The skill's capabilities match its stated purpose (competitive research, screenshots, plotting) but rely on a third-party CLI and remote apps in the inference.sh ecosystem. The use of curl | sh to install the CLI and the absence of any data-handling, credential, or retention disclosures are the primary risks: they create opportunities for credential exposure, data exfiltration, or arbitrary code execution depending on the installer's behavior and the backend services. I find no explicit maliciou