drawnote-skill

Fail

Audited by Socket on Feb 15, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Installation of third-party script detected

All findings:
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]

No clear malicious code or intentional data-exfiltration behavior is present in the provided skill description. The functionality (render HTML from templates and screenshot via Playwright) matches the stated purpose.

Notes of caution:
(1) The example invocation referencing a plugin-local path (~/.claude/plugins/...) is inconsistent with the 'save to current working directory' guidance and could expose or rely on platform-specific plugin locations.
(2) Auto-accepting browser dialogs and disabling prompts reduces user safeguards during rendering and increases risk if untrusted HTML or external resources are loaded.

Recommend: run Playwright rendering in a sandboxed environment, avoid loading remote scripts in generated HTML by default, and clarify which WebSearch provider is used and whether network access is proxied. Otherwise this skill appears benign.

LLM verification: No direct malicious code or obvious backdoor is present in the provided SKILL.md content. The skill's capabilities generally align with its stated purpose (generate HTML and screenshot it). However, there are supply-chain and operational risks: unpinned npm installs (installing Playwright without lockfiles), instructions to execute a script inside a plugin path, automatic acceptance of dialogs, and use of WebSearch and Playwright which can cause external network requests and potential data leaka
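Added example, not code from the drawnote-skill or from the Socket report: two of the recommendations above (no remote resources during rendering unless explicitly allowed, and dialogs dismissed instead of auto-accepted) written against Playwright's public Node API. isAllowedRequest, findRemoteReferences and checkGeneratedHtml are plain functions with no dependency; hardenPage assumes a Playwright Page exposing page.on, page.route, route.request().url(), route.continue() and route.abort(). SAMPLE_HTML and every host name (fonts.example, img.example, cdn.example, render.invalid) are constructed for illustration.

```javascript
// Added example: deny-by-default network policy and dialog handling for a
// Playwright screenshot step. Not from the drawnote-skill; SAMPLE_HTML and
// all host names below are constructed.

// Schemes that never leave the machine and are fine for locally generated HTML.
const LOCAL_SCHEMES = new Set(['file:', 'data:', 'blob:', 'about:']);

// Decide whether a request issued while rendering may proceed. http(s) fetches
// are denied unless their origin (scheme + host + port) is on the allow list;
// unparsable URLs and every other scheme (ws:, ftp:, ...) are denied.
function isAllowedRequest(rawUrl, allowedOrigins = []) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return false;
  }
  if (LOCAL_SCHEMES.has(url.protocol)) return true;
  if (url.protocol === 'http:' || url.protocol === 'https:') {
    return allowedOrigins.includes(url.origin);
  }
  return false;
}

// References in generated HTML that would reach the network: absolute http(s)
// and protocol-relative (//host/...) URLs in fetchable attributes, plus CSS
// url() and @import. Relative, file: and data: references are left alone.
const ATTR_REF = /\b(?:src|href|action|poster|data)\s*=\s*["']?\s*((?:https?:)?\/\/[^"'\s>]+)/gi;
const CSS_REF = /(?:url\(\s*["']?|@import\s+["']?)((?:https?:)?\/\/[^"')\s;]+)/gi;

function findRemoteReferences(html) {
  const found = new Set();
  for (const re of [ATTR_REF, CSS_REF]) {
    for (const m of html.matchAll(re)) found.add(m[1]);
  }
  return [...found];
}

// Gate before rendering: every remote reference must belong to an allowed
// origin, otherwise the page is refused. Protocol-relative references are
// compared as https (an assumption made only for the origin comparison).
function checkGeneratedHtml(html, allowedOrigins = []) {
  const violations = findRemoteReferences(html).filter(
    (ref) => !allowedOrigins.includes(new URL(ref, 'https://render.invalid').origin)
  );
  return { ok: violations.length === 0, violations };
}

// Wire the policy into a Playwright Page (assumed API: page.on, page.route,
// route.request().url(), route.continue(), route.abort()). Dialogs are
// dismissed rather than auto-accepted so a confirm()/prompt() in untrusted
// HTML cannot steer the renderer; blocked requests fail as a client block.
function hardenPage(page, allowedOrigins = []) {
  page.on('dialog', (dialog) => dialog.dismiss());
  return page.route('**/*', (route) => {
    const url = route.request().url();
    return isAllowedRequest(url, allowedOrigins)
      ? route.continue()
      : route.abort('blockedbyclient');
  });
}

// Constructed sample: a template that pulls a stylesheet, a background image
// and a script from remote hosts, next to a local image and a local script.
const SAMPLE_HTML = `<!doctype html><html><head>
<link rel="stylesheet" href="https://fonts.example/note.css">
<style>body{background:url(//img.example/bg.png)}</style>
</head><body>
<img src="/assets/logo.png">
<script src="https://cdn.example/lib.js"></script>
<script src="file:///tmp/local.js"></script>
</body></html>`;

// With an empty allow list the sample is refused; with its three origins
// allowed it passes. Returned as data so the outcome can be checked.
function demo() {
  return {
    denied: checkGeneratedHtml(SAMPLE_HTML),
    allowed: checkGeneratedHtml(SAMPLE_HTML, [
      'https://fonts.example', 'https://img.example', 'https://cdn.example',
    ]),
  };
}
```

Usage: run checkGeneratedHtml on the template output first and refuse to screenshot when ok is false; otherwise call hardenPage(page, allowedOrigins) right after browser.newPage() and before page.goto('file://...'), so the route and dialog handlers are in place before any HTML is parsed. Keeping the allow list explicit also documents which external hosts a rendering run may contact, which is the question the report raises about proxied network access.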

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At
Feb 15, 2026, 09:24 PM
Package URL
pkg:socket/skills-sh/peterfei%2Fai-agent-team%2Fdrawnote-skill%2F@c0b2297822f0fc1ed11d853a5c38f593ec4f3d2c