dotenvx

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). These URLs point to a project-specific .sh domain serving an install.sh script and the skill explicitly instructs piping that remote shell script to sh (curl | sh), which is a high-risk pattern for delivering arbitrary/malicious code from an unverified source.