plannotator
Audited by Socket on Mar 7, 2026
2 alerts found:
Anomaly (x2)
The skill presents a coherent purpose as a visual plan/diff review tool with multi-CLI integrations and note-saving capabilities. However, its footprint includes a remote download-and-execute installer from an external domain, broad installation of multiple third-party CLIs, and modification/read access to local configuration files and vaults. These patterns create non-trivial supply-chain and credential-surface risks, and the data flows involve potentially sensitive plan data being written to local notes systems. Overall, the footprint is suspicious rather than benign given the unverifiable installer and broad integration surface; it leans toward a high-risk but not clearly malicious profile. Treat as Suspicious with a focus on restricting external install sources, ensuring signed/release-verified binaries, and tightening access to local configuration and note-saving endpoints.
The script is a typical installer wrapper with optional integration setup. The major security concern is the remote installer execution via curl | bash, which can run unverified code from an external source. This is a high-risk pattern (source-to-sink path) and should be mitigated by using verified installers, checksums/signatures, or downloading to a file and running with explicit verification. Otherwise, the script itself contains no overt malicious behavior, but relies on external remote code that could compromise the system if the remote source is compromised.