find-skills

Fail

Audited by Socket on Feb 22, 2026

1 alert found:

Alert: Malware (severity HIGH)
File: SKILL.md

[Skill Scanner] Natural language instruction to download and install from URL detected.

The file is legitimate documentation describing how to find and install skills. It is not itself malicious or obfuscated. However, it explicitly encourages several high-risk supply-chain practices: using npx (download-and-execute), installing from unpinned owner/repo references, and recommending global (-g) and unattended (-y) installs. These patterns materially increase the chance of remote code execution and persistent compromise if installed skills are malicious or repos are compromised.

Recommendations:
(1) Add explicit security guidance — verify package authors, pin to version numbers or commit SHAs, prefer vetted registries, check checksums or signatures;
(2) Avoid recommending -g and -y by default; require user approval or show install scripts;
(3) Recommend installing untrusted skills in isolated environments (containers or VMs) and auditing package contents before running;
(4) Encourage skills.sh to indicate veracity/trust metadata and to support signed releases.

Treat usage of these commands as a moderate to high supply-chain risk unless mitigations are adopted.

LLM verification: No direct malicious code or obfuscation is present in this documentation fragment. However, the guidance to download-and-execute third-party code via `npx skills add`, and especially the recommendation to use `-g -y`, creates elevated supply-chain risk. Without guidance on verification (pinned versions, checksums, author verification) or sandboxing, consumers following these instructions could be exposed to malicious or tampered skills. Treat installs as potentially dangerous: require manual rev

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At
Feb 22, 2026, 04:40 AM
Package URL
pkg:socket/skills-sh/Jackiexiao%2Fjackie-skills-starter%2Ffind-skills%2F@13e41ada3ec90546c980a25038773846a4da80c9