doc-to-repo
Audited by Socket on Feb 21, 2026
1 alert found:
Security [Skill Scanner] Installation of third-party script detected

All findings:
[HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4]
[HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4]

This skill's stated purpose (extract text and metadata from external files into .docstore/) matches the described capabilities. There are no explicit network exfiltration endpoints or hardcoded credentials. The primary security concerns are scope/proportionality: the allowed toolset (Bash, Read, Write) grants broad filesystem access and the skill suggests installing third-party Python packages (pip), which are legitimate for extraction but introduce supply-chain risk if users blindly install untrusted packages. Overall the content appears functionally appropriate and not malicious, but the combination of shell/python execution and unrestricted file-reading deserves caution. Recommend restricting which paths the skill may read (or prompting clearly about sensitivity), and advising pinned/verified installs rather than free-form pip guidance.

LLM verification: The skill implements a clear, legitimate document extraction workflow and does not contain explicit malicious code or data-exfiltration logic. Primary risks are operational: use of shell/python -c execution and unpinned pip install guidance which raise supply-chain and arbitrary-code-execution concerns. Recommend treating the skill as functionally benign but medium risk: enforce dependency pinning/verification, avoid running arbitrary shell snippets in automated contexts, and limit execution pri