secrets-manager

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). This URL points to a GitHub repository by an unknown user and is used as a direct "pip install git+..."/python -m package — which runs unreviewed code that could exfiltrate secrets or include malware, so it is high risk unless the repo is audited and trusted.