pravidhi-commit-protocol

Warn

Audited by Socket on Feb 24, 2026

1 alert found:

Category: Security
Severity: MEDIUM
File: SKILL.md

[Skill Scanner] Installation of third-party script detected

All findings:
- [HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4]
- [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]

This skill is functionally coherent and aligned with its stated purpose: it orchestrates a thorough local development workflow with hygiene, auditing, and guarded commits. There are no direct signs of malicious intent or embedded exfiltration. Primary security concerns are operational:
(1) the workflow runs project-provided hooks and arbitrary build/test scripts which can execute repository code — this is a legitimate but potentially dangerous behavior if the repository contains malicious scripts;
(2) secret scanning and many commands will print local content to the agent's output — if the agent's environment forwards outputs externally, sensitive data could be leaked;
(3) suggested installs are unpinned, which is a supply-chain risk.
Overall this is not malicious, but it carries a moderate supply-chain / operational risk that depends on the execution environment and trust in installed tools and repository contents. Recommend: run in a sandboxed environment, avoid exposing agent outputs externally, pin critical tool versions where possible, and treat project hooks as untrusted until inspected.

LLM verification: This skill is documentation-only and its capabilities are consistent with its stated purpose (a guarded, opinionated git workflow). There is no embedded malware or obfuscated payload in the text. The main risks are operational/supply-chain: repeated unpinned third-party install recommendations, guidance to execute arbitrary CI/run steps and hooks (which can execute arbitrary repository code), and references to credential locations (used responsibly here for .gitignore and secret-scanning but inc

Confidence: 80%
Severity: 75%
Audit Metadata
Analyzed At
Feb 24, 2026, 08:24 AM
Package URL
pkg:socket/skills-sh/pravidhi-net%2Ftemp%2Fpravidhi-commit-protocol%2F@71214a41927761da798368c4c721bc0315fe7cb0