cli-anything-hub

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). Not an immediate direct-executable download, but the GitHub repo is from an unknown account and the clianything.cc site plus the SKILL.txt instructs users to pip-install unvetted cli-anything-* packages — a supply-chain / install-time code risk that could distribute malware.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly points to a live, auto-updated public catalog at https://clianything.cc/SKILL.txt (and the registry https://clawhub.ai in origin.json) that the skill expects to read/use to resolve and install third-party CLI packages, so untrusted public content could directly influence tool selection and agent actions.