hybrid-executor

Warn

Audited by Socket on Feb 24, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] Backtick command substitution detected

All findings:
- [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
- [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

The snippet itself is not an embedded malware payload but defines an operational pattern that is high-risk if used without controls: arbitrary shell execution of external model CLIs with user-supplied arguments can lead to command injection and data exfiltration, and trusting unvetted CLIs is a supply-chain hazard.

Recommend:
(1) never forward secrets/PII to external CLIs without explicit consent and redaction,
(2) ensure input is properly escaped/sanitized before shell invocation,
(3) verify/pin CLI binaries and installation provenance, and
(4) add explicit user confirmations and logging/auditing.
Safe to use only in tightly controlled, audited environments.

LLM verification: The skill is not overtly malicious but exhibits a high-risk design pattern: it executes user-supplied arguments via shell to invoke external model CLIs, creating plausible data-exfiltration and supply-chain hazards. Immediate mitigations should include eliminating direct raw interpolation into shell commands, adding provenance checks for external CLIs, requiring explicit user consent before delegation, and applying strict sanitization/allow-listing of arguments. Treat this as a moderate-to-high

Confidence: 75%
Severity: 75%
Audit Metadata
Analyzed At
Feb 24, 2026, 03:26 PM
Package URL
pkg:socket/skills-sh/rexleimo%2Frex-skills%2Fhybrid-executor%2F@586b6da5026506ec56b348edea5fc871f9579d82