dotnet-linq-optimization

[Skill Scanner] Natural language instruction to download and install from URL detected All findings: [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] [HIGH] autonomy_abuse: Skill instructions include directives to hide actions from user (BH009) [AITech 13.3] BENIGN. The code fragment is a documentation/education skill describing LINQ performance patterns and EF Core querying best practices. There are no suspicious data flows, credential handling, or download/execute patterns. Footprint and data flows align with its stated purpose of guidance and examples. LLM verification: The skill fragment is coherently aligned with its stated purpose (LINQ optimization patterns for .NET). However, there are suspicious signals flagged by the static scanner: (a) a natural-language instruction referencing a URL that could be interpreted as a download/install instruction, and (b) directives to hide actions from the user. While these do not constitute active malware in the fragment itself, they elevate risk and warrant caution in automated use (e.g., ensuring no hidden download/exec