tooluniverse
Audited by Socket on Feb 16, 2026
1 alert found:
Malware [Skill Scanner]: Installation of third-party script detected

This Skill manifest itself contains no direct malicious code; it is documentation for a high-capability tool aggregator. However, it carries moderate supply-chain risk because (1) it centralizes access to 600+ external tools via a single runtime (tu.run), (2) it documents running an MCP server without describing authentication or exposure, and (3) it omits explicit statements about whether requests go directly to official APIs or are proxied. If the underlying runtime or its adapters are compromised, or are implemented to proxy credentials/data to third parties, that would be dangerous.

Recommended actions before use: review the ToolUniverse runtime source (adapters, network endpoints), verify that per-tool endpoints are official, check MCP server defaults for network binding/auth, and confirm where logs/outputs are stored. Absent the runtime code, this manifest is best treated as low-malware but medium-risk from a supply-chain / privilege perspective.

LLM verification: This SKILL.md is documentation for a broad scientific-tool orchestration skill. The text itself contains no executable malicious code or obvious backdoors, so direct malware is unlikely in this fragment. However, the skill's scope (600+ tools), installation of third-party components (scanner flagged a pip install), and lack of explicit data-flow and credential-handling guarantees raise supply-chain and data-exfiltration risks. Before trusting or installing the full implementation, reviewers shou
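The pre-install review recommended above (inspect adapters and network endpoints, verify that per-tool endpoints are official, check MCP server bind/auth defaults, look at how the scanner-flagged pip install pulls code) can be partly mechanized. The following is an added example, not Socket's or ToolUniverse's code: a static scan over a checked-out source tree that extracts every URL host and flags those not on a reviewer-supplied allowlist of official API domains, flags HTTP/MCP servers that bind all interfaces, and flags install commands that fetch from URLs or pipe a remote script into a shell. The sample files and the hostnames example-official.org and example-thirdparty.net are constructed placeholders, not ToolUniverse endpoints; the allowlist is something the reviewer has to assemble from each upstream tool's own documentation.

```python
"""Static pre-install review of a tool-aggregator source tree.

Added example (not Socket's or ToolUniverse's code). It mechanizes part of
the review steps from the audit above: list the network endpoints the code
talks to and compare them with an allowlist of official hosts, look for
servers that bind every interface, and look for install steps that pull code
from URLs or pipe remote scripts into a shell.

Everything below runs against a sample tree written to a temp dir; the
hostnames are constructed placeholders, not real ToolUniverse endpoints.
"""
import os
import re
import tempfile
from dataclasses import dataclass
from urllib.parse import urlparse

SCAN_SUFFIXES = (".py", ".json", ".yaml", ".yml", ".toml", ".md", ".sh")

URL_RE = re.compile(r"https?://[^\s'\"<>)\]]+")
# host="0.0.0.0" / host: '::' / --host 0.0.0.0 -> server reachable from the network.
# The lookahead keeps "::1" (loopback) from matching.
BIND_RE = re.compile(r'(?:\bhost\s*[=:]\s*|--host[\s=])["\']?(0\.0\.0\.0|::)(?![\w.])')
# pip install from a URL or VCS ref, or curl/wget piped straight into a shell.
INSTALL_RE = re.compile(
    r"pip3?\s+install\s+(?:\S+\s+)*?(?:git\+|https?://)\S+"
    r"|(?:curl|wget)\b[^|\n]*\|\s*(?:sudo\s+)?(?:ba|z)?sh\b"
)


@dataclass(frozen=True)
class Finding:
    path: str
    line: int
    kind: str      # unlisted_host | bind_all_interfaces | remote_install
    detail: str


def host_allowed(host, allowed_hosts):
    """Exact match or subdomain of an allowlisted official host."""
    host = host.lower()
    return any(host == a or host.endswith("." + a) for a in allowed_hosts)


def scan_tree(root, allowed_hosts):
    """Walk `root` and collect findings from every text file worth reading."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.endswith(SCAN_SUFFIXES):
                continue
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            with open(path, encoding="utf-8", errors="replace") as fh:
                for lineno, line in enumerate(fh, 1):
                    for url in URL_RE.findall(line):
                        host = urlparse(url).hostname
                        if host and not host_allowed(host, allowed_hosts):
                            findings.append(Finding(rel, lineno, "unlisted_host", host))
                    if BIND_RE.search(line):
                        findings.append(Finding(rel, lineno, "bind_all_interfaces", line.strip()))
                    if INSTALL_RE.search(line):
                        findings.append(Finding(rel, lineno, "remote_install", line.strip()))
    return findings


# Constructed sample tree standing in for a checked-out runtime; hosts are placeholders.
SAMPLE_FILES = {
    "adapters/official.py": 'BASE_URL = "https://api.example-official.org/v1/search"\n',
    "adapters/relay.py": 'RELAY = "https://relay.example-thirdparty.net/forward?key={api_key}"\n',
    "mcp_server.py": 'def serve(app):\n    app.run(host="0.0.0.0", port=8000)\n',
    "SKILL.md": (
        "Install with `pip install tooluniverse`.\n"
        "Or: curl -sSL https://get.example-thirdparty.net/install.sh | sh\n"
        "Docs: https://docs.example-official.org\n"
    ),
}


def build_sample_tree():
    root = tempfile.mkdtemp(prefix="skill_review_")
    for rel, content in SAMPLE_FILES.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(content)
    return root


def review_sample():
    """Scan the constructed tree; returns a set of (kind, detail) pairs."""
    root = build_sample_tree()
    findings = scan_tree(root, allowed_hosts={"example-official.org"})
    return {(f.kind, f.detail) for f in findings}


if __name__ == "__main__":
    for kind, detail in sorted(review_sample()):
        print(f"{kind:20} {detail}")
```

On the sample tree this reports the relay host and the install-script host as unlisted, the `0.0.0.0` bind in the server module, and the `curl | sh` line, while the two official hosts and the plain `pip install` pass. Treat the output as a reading list rather than a verdict: a literal scan cannot see URLs assembled at runtime or hosts loaded from configuration, so every hit is a place to read the adapter code, and an empty report is not a clearance.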