outlook

[Skill Scanner] Pipe-to-shell or eval pattern detected All findings: [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4] [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4] [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4] [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4] [HIGH] command_injection: Reference to external script with install/setup context (SC005) [HIGH] command_injection: Reference to external script with install/setup context (SC005) Functionally coherent with its stated purpose (Playwright-based Outlook automation), but contains supply-chain and privacy risks: it recommends executing a remote install script from canifi.com and supports storing plaintext credentials in a third-party-managed environment. The documentation also references an external iMessage notification path for 2FA. Because the installer and runtime behaviors are not provided here, treat this skill as SUSPICIOUS: audit the installer and any canifi-hosted services before use, prefer manual browser sessions or OAuth alternatives, and verify that no email data or credentials are transmitted to third parties. LLM verification: The skill's stated functionality (automating Outlook via Playwright) is coherent and technically plausible. However, the use of unaudited remote installers (curl | bash from canifi.com) and the optional instruction to store plaintext account passwords in a local canifi-env represent significant supply-chain and credential storage risks. The documentation's claim that credentials are never transmitted cannot be validated from the provided materials. Recommendation: Treat the package as SUSPICIOUS