slash-command-builder

[Skill Scanner] Destructive bash command detected (rm -rf, chmod 777) All findings: [CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] BENIGN: The code fragment is a structured guide for creating and managing Claude Code slash commands. It is internally consistent with its stated purpose, does not execute or fetch data on its own, and does not request sensitive credentials or perform covert data flows. The presence of example frontmatter is appropriate for documentation and does not imply malicious activity. Data flows are confined to user-driven usage within the Claude UI and local command files. LLM verification: The document is benign instructional content for building slash commands and does not itself contain malware, obfuscated code, or exfiltration endpoints. However, it contains multiple examples that, if copied into active command files and granted broad allowed-tools, create realistic command-injection, destructive-operation, and supply-chain risks (notably unsanitized argument interpolation, `rm -rf`, and `npm install`). Recommend tightening examples, narrowing recommended permissions, and addin