openmonoagent-local-ai-coding-agent

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). Most links are documentation or local endpoints and appear low-risk, but the skill explicitly instructs running a raw GitHub-hosted installer script via curl|bash (and references pulling Docker images), which is a common high-risk distribution pattern unless you audit the script and repo first.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The installer command "bash <(curl -fsSL https://raw.githubusercontent.com/StartupHakk/OpenMonoAgent.ai/refs/heads/main/get-openmono.sh)" downloads and executes a remote shell script at runtime (used for installation), so the fetched content directly executes code and is a required runtime dependency.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (medium risk: 0.60). The skill documentation includes explicit privileged system commands (installer that installs Docker, sudo usermod -aG docker $USER, sudo ufw allow, suggestions to run with sudo, docker run exposing host ports) that modify host state and require elevated privileges, so it encourages changes to the machine's configuration even if many operations are presented as user actions and some tooling is sandboxed.