decision-critic

Fail

Audited by Socket on Feb 16, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Instruction directing agent to run/execute external content

The manifest itself does not contain executable malicious code, but its instruction to immediately run an unseen Python module constitutes a high-risk supply-chain and operational practice. Treat this artifact as suspicious: do not execute the referenced script without first obtaining and reviewing the script source, verifying its provenance and integrity (commit history, author, checksum), and restricting execution (sandboxing, minimal privileges, explicit allowed network endpoints). If execution is necessary, run in an isolated environment with no sensitive credentials and monitor outbound connections and file system changes.

LLM verification: The SKILL.md directs immediate execution of a local Python module and explicitly forbids prior analysis. The absence of the invoked module's source, lack of provenance, and missing sandboxing instructions constitute a supply-chain security risk. Treat this skill as suspicious: do not execute the referenced script in production or on privileged hosts until the module's code is provided, audited, and execution is constrained to a minimal sandbox.

Confidence: 95%
Severity: 90%

Audit Metadata

Analyzed At: Feb 16, 2026, 09:41 AM
Package URL: pkg:socket/skills-sh/solatis%2Fclaude-config%2Fdecision-critic%2F@83d7af4797538db652adf325283a849b9cce75b4