wasm-wasmtime

Fail

Audited by Socket on Mar 4, 2026

1 alert found:

Malware: HIGH
SKILL.md

This SKILL.md is a technical guide for using wasmtime and does not contain code that is overtly malicious. However, it includes multiple high-risk supply-chain and configuration patterns: an explicit curl | bash install command (download-and-execute), recommendations to inherit environment and pre-open host directories for WASM, and enabling experimental networking WASI features. These patterns are legitimate for development but can be dangerous when running untrusted WASM because they increase potential for credential exposure and data exfiltration. Recommend: avoid pipe-to-shell installs (use package manager installers or verify signatures/checksums), avoid inheriting env/stdio or preopening directories when running untrusted modules, and carefully gate experimental network capabilities. Overall, functionality matches the stated purpose, but the installation and example configurations contain supply-chain and privilege-exposure risks that must be mitigated in hostile or multi-tenant environments.

Confidence: 95%
Severity: 90%
Audit Metadata

Analyzed At: Mar 4, 2026, 11:32 AM
Package URL: pkg:socket/skills-sh/mohitmishra786%2Flow-level-dev-skills%2Fwasm-wasmtime%2F@38b2077e7d691bb20539b4b14a2b0135282d35ad