utoo

[Skill Scanner] Pipe-to-shell or eval pattern detected This skill manifest requires executing a remote unpinned installer via curl | bash and forces all package-manager operations through the utoo/ut binary. While its stated functionality (unified package manager wrapper) could be legitimate, the mandatory download-and-execute behavior, lack of integrity checks, and coercive requirement to avoid native package managers are high-risk supply-chain patterns. There is no direct evidence inside this manifest of embedded credential exfiltration or obfuscated malware, but the installer and subsequent package lifecycle scripts could easily perform unauthorized actions. Treat this skill as suspicious and high-risk: do not run the installer or allow automatic execution without manual inspection and verification of the installer, its signature/checksums, and the upstream domain. LLM verification: The documented skill provides a plausible wrapper for npm workflows, but its operational instructions contain high-risk supply-chain practices. The explicit pipe-to-shell installer, the mandate to replace native package managers, and the lack of integrity/provenance controls are significant red flags. Treat this as a risky component: do not run the installer or adopt the forced workflow in sensitive environments without auditing the installer script and the resulting binary. The code/text shows

The manifest alone is not overtly malicious but contains a high-risk postinstall hook that executes a shell script (scripts/setup.sh) and writes to hidden user/project directories. This is a legitimate pattern for provisioning 'skills' but is a common supply-chain attack vector. Inspect scripts/setup.sh before installation or run installation in a sandbox. If the script downloads or executes remote code or reads environment secrets, consider the package untrusted.