kit-extensions

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The guide exposes multiple powerful extension capabilities—runtime-evaluated Go code, arbitrary subprocess execution (exec.Command / SuspendTUI), arbitrary file and env access (os.ReadFile, ctx.CWD, options via env), background goroutines that can send messages, hidden context/prompt injection (OnContextPrepare, OnBeforeAgentStart with injected -1 messages), and spawning Kit subprocesses with flags to avoid extensions—that together make it straightforward to build stealthy backdoors or exfiltrate secrets to remote services (via network tools or ctx.Complete), so the content is high-risk for deliberate misuse.