project-kickoff
Audited by Socket on Feb 24, 2026
1 alert found:
Malware [Skill Scanner]: Destructive bash command detected (rm -rf, chmod 777)

All findings:
[CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]

This skill's stated capabilities match its behavior: detecting project type, generating or cleaning .claude/settings.local.json, producing CLAUDE.md and .gitignore, and optionally running git/gh operations. There are no signs of active malicious code or remote download-execute patterns in the provided description. Main risks are operational: executing a local tidy script (if that script is untrusted), and accidental exposure of sensitive settings via commits/pushes if .gitignore or the confirmation flow isn't handled correctly. Recommend ensuring the tidy script redacts secrets in reports, previewing diffs before writing, writing .gitignore before any commits, and requiring explicit, per-action consent for git/gh operations.

LLM verification: No direct evidence in the provided fragment of intentional malware or exfiltration. The skill's behavior (reading project files, generating settings, and optionally running a local tidy script and performing git/gh operations) is consistent with its purpose but carries supply-chain and operational risk: executing an unreviewed local script that modifies config files, accessing potentially sensitive files to detect leaked secrets, and performing remote operations with user credentials. Recommend