still-reading
Audited by Socket on Feb 25, 2026
1 alert found:
Malware

Functionally, the skill's capabilities (fetch raw markdown and render it for RSVP reading) are coherent with its stated purpose. The primary security concerns are supply-chain and distribution risks: the documentation instructs users to run curl | bash install scripts served from stillreading.xyz and here.now, which is a high-risk download-and-execute pattern without integrity checks. The skill also encourages hosting and fetching arbitrary public markdown URLs, which could lead to loading attacker-controlled content or accidental exposure of sensitive URLs. There is no indication that credentials are requested or forwarded, and no obvious malicious code in the documentation itself, but the install and distribution model increases supply-chain risk.

Recommendations: avoid piping remote scripts directly to shell; provide signed releases, checksums, or package installs from trusted registries; clearly warn users not to publish sensitive content to public hosts and avoid embedding URLs that include secrets.