xurl
Audited by Socket on Feb 22, 2026
1 alert found:
Malware [Skill Scanner]: Pipe-to-shell or eval pattern detected

All findings:
[CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4]
[CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4]

This Skill doc describes a legitimate-seeming CLI client for X API and the capabilities are consistent with that purpose. The principal supply-chain risk is the installer patterns and unpinned upstream installs (especially the curl|bash raw GitHub install), which allow remote code execution during install and increase risk if upstream is compromised. The CLI's authorization model (local ~/.xurl tokens) is appropriate, and the doc correctly warns agents not to expose secrets. There is no explicit evidence in this documentation of credential exfiltration, backdoors, or obfuscated malicious code, but the documentation alone cannot prove the distributed binaries/packages are safe. Recommend treating this as medium-risk: audit the upstream repository, avoid pipe-to-shell installs, prefer pinned releases from trusted registries, and never run auth/secret commands in an LLM/agent context.

LLM verification: Behavior is consistent with a legitimate CLI for X API; capabilities align with stated purpose (reading ~/.xurl, attaching Authorization headers, calling X API endpoints). However, there are supply-chain and operational risks: a curl|bash install command (remote script executed locally) and unpinned installs (go install @latest, npm -g) raise real supply-chain concerns. The skill exposes sensitive flows (reading ~/.xurl and sending Authorization headers) that are proportionate but need careful h