github-repo-architect

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4] No direct malicious code is present in the supplied skill document: it is primarily documentation/instruction for repository architecture automation. However, the examples demonstrate high-risk automation (mass cloning, committing, and pushing across an organization) and use an unspecified MCP memory/backplane (mcp__claude-flow__*) to store analysis results — this external storage represents a potential data exfiltration vector if that service is untrusted. The skill therefore warrants caution: require explicit least-privilege credentials, vet the MCP backend, and review automation scripts before execution. Overall: suspicious due to broad privileges and opaque external memory service, not outright malicious based on the provided content. LLM verification: This skill's capabilities and actions are consistent with its stated purpose (repository architecture and multi-repo automation). There are legitimate but powerful operations: cloning many repos, committing and pushing standardized changes, running npm/npx installers, and deleting temporary directories. I find no evidence of deliberate credential harvesting, obfuscated malware, or exfiltration to third-party domains in the provided text. However, the presence of rm -rf, automated mass-push behav