LLM

Fail

Audited by Socket on Feb 16, 2026

1 alert found:

Malware: HIGH
SKILL.md

[Skill Scanner] Instruction to copy/paste content into terminal detected

All findings:
[CRITICAL] command_injection: Instruction to copy/paste content into terminal detected (CI012) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

This skill is documentation plus example code to integrate with an LLM SDK. The capabilities and configuration requests are consistent with the stated purpose. There are no direct signs of malicious behavior in the supplied content. The main security considerations are operational: ensure the SDK and baseUrl are from a trusted provider, keep the .z-ai-config (apiKey) on the backend and out of version control, and validate user inputs before sending to the LLM as appropriate. Overall the skill appears benign but integration-time caution is required around the configured API endpoint and handling of credentials.

LLM verification: The provided SKILL.md content is documentation and examples for using a third-party LLM SDK. It contains no direct evidence of malicious code, obfuscation, hard-coded credentials, or dangerous runtime behavior in the supplied text. The main security risks are supply-chain and configuration trust: (1) trust in the z-ai-web-dev-sdk package (requires independent audit) and (2) the user-configurable baseUrl which, if set to a malicious endpoint, could receive apiKey and conversation data and cause c

Confidence: 95%
Severity: 90%

Audit Metadata
Analyzed At: Feb 16, 2026, 10:54 PM
Package URL: pkg:socket/skills-sh/uholysmokes%2Fvoidverse-alt%2Fllm%2F@24dd919d155ac1c726e9a965db4f86653e1f6f56