trade-skills

Warn

Audited by Socket on Mar 3, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

The skill's stated purpose (routing requests to akshare-data or tianqin-data) is plausible and the mapping of data types is coherent. However, the installation and execution model raises supply-chain and execution risks: it instructs agents/users to run npx against a third-party GitHub repository (unpinned), performs global installs into user home directories, and delegates runtime behavior to third-party scripts. These patterns (download-and-execute, unpinned transitive installation, lack of integrity verification, potential for automatic installs without explicit consent) create a moderate-to-high supply-chain security risk. The content does not contain explicit evidence of credential harvesting or direct exfiltration, but it creates conditions where installed skills could perform such actions. Recommend: do not auto-run the npx install; require pinned releases or checksums; verify installs interactively; audit the target repository before installing; limit installation scope and avoid global automatic installation by an agent.

Confidence: 70%
Severity: 65%
Audit Metadata
Analyzed At
Mar 3, 2026, 02:10 PM
Package URL
pkg:socket/skills-sh/PPsteven%2Fskills%2Ftrade-skills%2F@7aa4b95e6e96fdd0f48a452a77b4cc7ea8988ae0