docs

The descriptor is for a tool that runs a local auto-updating shell script to fetch and display docs. The pattern of executing a home-directory script with auto-update capability and no integrity verification is a notable supply-chain and local execution risk. There is no definitive evidence of malware in the descriptor itself, but the design is dangerous: it grants the script broad access to local secrets and network endpoints and permits remote code to be pulled and executed. Do not run the helper without inspecting the script, adding signature verification/pinning, or running it in a restricted environment.