spice-setup

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). Most links are to official Spice.ai documentation and a localhost runtime, but the presence of an installer endpoint (install.spiceai.org) and a direct PowerShell script (Install.ps1) used with “curl | bash” and “iex … DownloadString” is a risky pattern because it fetches and executes remote scripts—safe if you fully trust and verify the domain but high-risk if the source or transport is compromised.