invoice-scanner
Audited by Socket on Feb 19, 2026
1 alert found:
Malware [Skill Scanner]: Destructive bash command detected (rm -rf, chmod 777)

All findings:
[CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4]
[CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4]

No sign of remote exfiltration, obfuscated malware, or credential harvesting in the provided specification. However, the skill specification includes multiple destructive filesystem operations that are disproportionate or risky for a scanning tool: pre-scan deletion of .xml/.ofd, deletion of original ZIPs after extraction, flattening archive contents into the report directory (risk of overwriting), and use of rm -rf without safeguards. These behaviors can cause data loss or privacy leakage (printing extracted PII). If implemented as-is without safety checks, this skill is SUSPICIOUS and poses moderate security risk. Recommend adding explicit confirmations, backups, non-destructive defaults (keep originals), path sanitization, and limiting console output of PII.

LLM verification: This skill's stated purpose (invoice scanning, extraction, validation, reporting) aligns with the described operations (reading image/pdf files, extracting fields, summarizing). There are no indications of network exfiltration or credential harvesting. However, multiple filesystem-destructive operations (rm -f original zips, rm -rf temp dirs, bulk deletions of .xml/.ofd/.zip) combined with a flattening extraction step (unzip -> find -exec mv -> move all files to report dir root) create meaningfu