klisk-guide

Fail

Audited by Socket on Feb 23, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Instruction directing agent to run/execute external content

All findings:
[CRITICAL] command_injection: Instruction directing agent to run/execute external content (CI011) [AITech 9.1.4]
[HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4]
[HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4]

BENIGN with minor documentation caveats. The fragment is a coherent, instructional guide for Klisk usage without executable code, malicious content, or data exfiltration patterns. The principal concerns are: (1) potential confusion from a non-existent model name, (2) safe handling of API keys in real deployments. Overall risk remains low when followed as user documentation.

LLM verification: This SKILL.md is documentation for a CLI/framework and contains several supply-chain and operational security risks: unpinned pip installs, instructions that encourage automatic background server startup, and a particularly dangerous behavior where the Studio loads all projects and their .env files into a single workspace (aggregating secrets across projects). There is no direct malicious code in the file itself, but the documented workflow and defaults are disproportionately permissive with reg

Confidence: 95%
Severity: 90%
Audit Metadata

Analyzed At: Feb 23, 2026, 05:44 PM
Package URL: pkg:socket/skills-sh/jechearte%2Fskills%2Fklisk-guide%2F@6b27bc6898de8e4ae293b07cff04880bc626865f