transcript-fixer

[Skill Scanner] Pipe-to-shell or eval pattern detected All findings: [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4] [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4] [CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4] [HIGH] command_injection: PowerShell execution detected (CI005) [AITech 9.1.4] This skill's stated purpose (transcript correction + local learning) is plausible and many capabilities match that purpose. However multiple supply-chain and privacy risks are present: it recommends installing a third-party runner via a curl|sh pipe-to-shell, auto-detects API keys by scanning shell configs (reading sensitive files), and depends on running scripts through that runner which can execute arbitrary code. The documentation also lacks safeguards for stored transcript data (encryption, access control) and is ambiguous about where credentials and data flow during fallback paths. No explicit malicious code is present in the provided text, but the installer and credential-scanning patterns are high-risk. Recommend treating this as suspicious: do not run the curl|sh installer, avoid automatic shell-config scanning, require explicit credential provisioning, audit the `uv` installer and all scripts before running, and encrypt the local DB. LLM verification: This SKILL.md appears functionally consistent with a transcript-correction tool, but it contains multiple supply-chain and credential-scope risks: remote curl|sh and PowerShell install instructions (astral.sh) are dangerous download-and-execute patterns, and the enhanced wrapper's auto-detection/scanning of shell config files for GLM/Anthropic keys is broader than necessary and could expose unrelated secrets. No direct evidence of malware or exfiltration endpoints is present in the provided text