claude-connect

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). The GitHub repo is from an individual account and (together with the docs site) distributes/installable shell scripts that read/write macOS Keychain and OAuth tokens and instruct you to run installers/launchd jobs—actions that can enable credential theft or persistent access if the code is malicious or unreviewed, so treat as potentially risky until you inspect and verify the code and author.