python-dependency-management
Audited by Socket on Feb 13, 2026
1 alert found:
Malware [Skill Scanner] Installation of third-party script detected

All findings:
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

This SKILL.md is internally consistent: capabilities map to the stated purpose of managing Python dependencies and virtual environments. I found no explicit malicious code, hardcoded secrets, obfuscation, or third-party credential exfiltration routes in the document. The primary risks are operational: executing local shell scripts and package manager commands and automatically modifying repository state and storing persistent project memory. Those behaviors are plausible and proportional for a dependency-management skill but carry supply-chain risk if the repository or scripts/ directory is compromised.

Recommend: ensure the platform running this skill verifies integrity of scripts before executing, require explicit user consent for repository-modifying actions (creating .claude-venv, adding to .gitignore), and document MemoryStore retention and access policies to address privacy and security concerns.

LLM verification: The skill's claimed purpose (automated Python dependency and venv management) matches the operations it requests (filesystem checks, venv creation, running package managers, storing project memory). However, the workflow forces execution of external shell scripts and installation commands (pip/poetry/conda), and the scripts' contents are not supplied — that is the main risk. Because the skill will download and execute third-party packages and persist memory, and because the implementation detail