before-and-after
Audited by Socket on Feb 21, 2026
1 alert found:
Malware [Skill Scanner]: Installation of third-party script detected

All findings:

[HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4]

Functionally coherent with its described purpose (taking before/after screenshots and integrating them into PRs), but contains multiple supply-chain and data-exfiltration risks.

Notable risks: unpinned global npm installs, mandatory download/execute patterns, default uploads to an external anonymous host (0x0.st) that will exfiltrate screenshots (which can include sensitive data), and guidance that encourages obtaining/using Vercel/gh credentials (vercel inspect, gh pr edit).

These behaviors make the skill SUSPICIOUS: acceptable for trusted, deliberate use only with strong warnings and user confirmation; do not run in untrusted environments, and avoid default external uploads for sensitive screenshots.

Recommend adding explicit warnings, making upload endpoint opt-in (not default), avoiding global npm installs (prefer npx), and never instructing operators to reveal tokens — instead request user-provided accessible URLs or use secure OAuth flows.

LLM verification: The skill's stated purpose (visual before/after screenshots and optional PR integration) matches its documented capabilities, but it instructs the agent/user to perform unpinned global installs, to upload images to third-party anonymous hosts by default, and to obtain/handle Vercel bypass tokens and GH CLI credentials. Those patterns are supply-chain and credential-exposure risks. I classify this as suspicious/vulnerable rather than overtly malicious: acceptable for use in trusted contexts only