discuss

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). Two of the links (127.0.0.1 and prismjs.com) are benign (local server and documentation), but the raw.githubusercontent.com link is a direct install.sh intended to be curl|sh'd from a GitHub repo (codesoda/discuss-cli), which is a high-risk distribution vector if the repository or maintainer isn't verified.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's preflight can run the install command curl -sSL https://raw.githubusercontent.com/codesoda/discuss-cli/main/install.sh | sh at runtime to fetch-and-execute a remote install script required for the skill to run, which directly executes remote code and thus poses a high risk.