session-start

Fail

Audited by Socket on Feb 16, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Installation of third-party script detected.

This is a developer 'session-start' skill that mostly aligns with its stated purpose: it checks environment tools, repo state, and GitHub project board, and can start local services. It does not contain explicit malicious payloads or obfuscated code. However, it contains higher-risk operational behaviors: automatic resumption of autonomous orchestration without an explicit prompt, execution of local init scripts, and package installs (pnpm/pip) which can run arbitrary code. Those behaviors increase the chance of unintended actions or supply-chain execution. Recommend treating the 'auto-resume' behavior as dangerous unless explicit prior consent is recorded, and audit any init scripts and package.json/pip dependencies before running installers.

LLM verification: Functionally aligns with a session-orientation role, but contains elevated, potentially unsafe behaviors: automatic starting of services and an unconditional resume of autonomous orchestration driven by MCP memory. These behaviors can change host state and trigger autonomous workflows without explicit user consent, representing an operational and supply-chain risk. No direct evidence of malware or credential harvesting is present in the provided fragment, but the combination of automatic executi

Confidence: 95%
Severity: 90%

Audit Metadata

Analyzed At: Feb 16, 2026, 03:40 AM
Package URL: pkg:socket/skills-sh/troykelly%2Fcodex-skills%2Fsession-start%2F@4e27b462a2a1dd54a9435a7ebf61f8e135202cc0