omc-setup

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). This is a personal GitHub repository (unknown maintainer) that instructs running shell/install scripts from the repo—GitHub is better than anonymous file hosts but executing unvetted scripts from a low-profile account poses a meaningful malware/compromise risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 1 (phases/01-install-claude-md.md) mandates running the setup script to install a CLAUDE.md file (falling back to the public GitHub raw URL https://raw.githubusercontent.com/Yeachan-Heo/oh-my-claudecode/main/docs/CLAUDE.md if needed), which injects publicly-hosted repository content (including /context persistence instructions) into the agent's configuration and thus can directly change agent behavior and tool usage.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The setup explicitly falls back to fetching the canonical CLAUDE.md at runtime (https://raw.githubusercontent.com/Yeachan-Heo/oh-my-claudecode/main/docs/CLAUDE.md), and that downloaded CLAUDE.md contains context/prompt instructions (e.g., tags) which directly control agent behavior and is required for the install—constituting a high-risk external runtime dependency.