breaking-change-detector
Audited by Socket on Feb 16, 2026
1 alert found:
Security [Skill Scanner]: Backtick command substitution detected

All findings:
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

The breaking-change-detector content is internally consistent and proportionate to its stated purpose of gating breaking changes with migration planning and versioning validation. No malicious behavior or insecure data flows are evident in the provided material. Recommended enhancements include explicit scoring thresholds, explicit fallback behavior if api-strategy.md is missing, and a lightweight runtime bootstrap example to demonstrate integration with CI/CD pipelines.

LLM verification: Not malicious in intent or content (no signs of data exfiltration, remote command shells, or obfuscated runtime code). However, the skill has significant operational and privacy risk because it requires high privileges (repo, logs, CI) and can block deployments by design. Before enabling automated blocking, require: minimal scoped permissions, RBAC and approval workflows, human-in-the-loop for CRITICAL decisions, audit logging, redaction of sensitive telemetry, dry-run/tuning mode, and documenta