railway

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] supply_chain: Download or install from free hosting/deployment platform detected (SC007) [AITech 9.1.4] [HIGH] supply_chain: Download or install from free hosting/deployment platform detected (SC007) [AITech 9.1.4] BENIGN / Legitimate management skill. The instruction file coherently describes a Railway CLI management workflow and the capabilities requested are consistent and proportionate for that purpose. The primary security considerations are operational: the skill requires running shell commands and can read and modify env vars and deployments (powerful actions). Ensure the runtime enforces confirmation prompts for destructive commands and correctly redacts secrets before displaying or logging outputs. No evidence of malicious code, credential harvesting via third-party endpoints, or obfuscation was found.