mise

Fail

Audited by Socket on Feb 21, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Pipe-to-shell or eval pattern detected

All findings:
- [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4]
- [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4]
- [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4]
- [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
- [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]

Benign in intent and highly useful as a skill for managing development environments, but the code/documentation exhibits notable supply-chain risk patterns (remote installer via curl | sh, auto-activation in shells, and CI fetches) that require explicit trust boundaries, verification, and user consent. Given the presence of download-execute patterns and external code execution in install flows, the overall risk is elevated and should be treated as suspicious until provenance and integrity checks are ensured. Recommend restricting remote installer usage, verifying checksums/signatures, and clarifying security boundaries in CI contexts.

LLM verification: This skill documentation itself is not executable application code, and it plausibly documents a legitimate development tool (mise). However, it repeatedly instructs high-risk install and execution patterns (curl | sh installer, unpinned GitHub release asset selection, automatic eval activation in shell rc files, and CI-run remote installers). Those patterns constitute significant supply-chain risk: an attacker controlling the installer URL, an upstream release, or a compromise of mise.run or Gi

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At: Feb 21, 2026, 04:27 PM
Package URL: pkg:socket/skills-sh/vinnie357%2Fclaude-skills%2Fmise%2F@c463b0c404cd0bb35855511057a26d7987c244af