geo-database

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] This skill/documentation is coherent and benign for its stated purpose: programmatic access to GEO data and downstream analysis. Network contacts are limited to official NCBI endpoints (Entrez and ftp.ncbi.nlm.nih.gov), file writes are local and expected, and required credentials (Entrez.email, optional API key) are appropriate and documented as placeholders. Operational cautions include large data downloads, local disk usage, and protecting any API key or local cached data. I found no indicators of malicious behavior, credential harvesting, obfuscated code, or third-party proxying. LLM verification: This skill is functionally coherent and aligned with its declared purpose (searching and retrieving GEO data). There is no evidence of hidden exfiltration, obfuscation, eval-based code execution, hardcoded credentials, or third-party proxying of user data. The primary security concerns are operational/supply-chain: unpinned pip dependencies (risk of malicious packages or upstream compromise) and the usual risk of executing third-party install scripts. Overall malware likelihood is low, but the s