stylekit-style-prompts

Warn

Audited by Socket on May 30, 2026

1 alert found:

Anomaly: LOW
bin/stylekit-skill.js

No direct signs of overt malware (no exfiltration/networking/credential theft/obfuscation) are evident in this module. The primary security risk is operational/safety: recursive forced deletion and recursive copying are performed to a destination derived from a user-controlled --target (path.resolve(expandHome(...)) without allowlisting), which could lead to accidental or abusive destruction/overwrite of arbitrary directories. Additionally, doctor() executes python3 and imports a module from the bundled payload’s scripts directory, so a tampered payload could execute arbitrary Python code during validation.

Confidence: 62%
Severity: 64%

Audit Metadata
Analyzed At: May 30, 2026, 12:21 PM
Package URL: pkg:socket/skills-sh/AnxForever%2Fstylekit-skill%2Fstylekit-style-prompts%2F@caebe3c485bcdfbae57ee13e4fb8ab55f46cf9b7