skill-support

Fail

Audited by Socket on Feb 28, 2026

1 alert found:

Malware (HIGH)
SKILL.md

The skill-support description coherently maps to a robust internal support CLI for triage, health checks, and evals. However, the use of a direct install-from-remote-script (curl ... | bash) is a significant supply-chain risk that is not proportionate to the stated security posture. The memory-only secret handling and broker-based secret materialization are advanced controls that are beneficial if implemented with strict lifecycle, logging redaction, and minimal in-memory exposure. The combination of multi-source secret flows, transitive skill auto-linking, and reliance on external broker endpoints elevates risk. Recommendation: replace curl | bash with signed releases or a verified package manager, implement code signing verification, pin install script hashes, enforce least-privilege and strict memory/log protections for secrets, and document explicit data-flow provenance and auditability for broker interactions.

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At
Feb 28, 2026, 10:35 PM
Package URL
pkg:socket/skills-sh/skillrecordings%2Fsupport%2Fskill-support%2F@d410651ea1fc2746d5ca8cf9d01d0d93890d7117