skill-compass

Warn

Audited by Socket on May 6, 2026

4 alerts found:

Anomaly x4

Anomaly (LOW)
scripts/eval-v2/codespace-setup.sh

This is a bootstrapper with no obvious direct malware in the snippet, but it has significant supply-chain execution risk: it executes a remotely fetched installer as root (`curl ... | sudo ... bash -`), installs global npm tooling without pinning, and clones/pulls upstream GitHub code without pinning or integrity verification before staging scripts for later execution. Review/pin versions/commits and add integrity checks before running in a sensitive environment.

Confidence: 71%, Severity: 63%

Anomaly (LOW)
.github/workflows/verify.yml

No direct malware is evident from this workflow YAML alone. However, it materially increases CI supply-chain risk by cloning an external fixtures repository without pinning to an immutable revision and by executing npm install/build/verify scripts (which may trigger dependency lifecycle scripts). The workflow should be hardened by pinning the fixtures to a commit SHA and pinning GitHub Actions to immutable references; consider mitigations for npm script execution if feasible.

Confidence: 66%, Severity: 60%

Anomaly (LOW)
lib/update-checker.js

This module appears to be a legitimate Git-based update checker, with no clear evidence of direct malware behavior (no hardcoded secrets, no data theft/exfiltration, no obfuscation). The main security concern is operational: it shells out to git for fetch/pull across directories derived from inventory, which can cause outbound network access and can indirectly trigger local effects (including potential git hook execution depending on environment/config). It also ingests remote text from fetched commits (SKILL.md/skill.md) and executes a caller-provided callback (options.snapshot) during pull operations. Overall, malware likelihood is low, but security/operational risk is moderate and depends strongly on trust in inventory/skill paths and Git repo/remote sources.

Confidence: 61%, Severity: 60%

Anomaly (LOW)
hooks/hooks.json

This is a lifecycle-hook configuration that executes local Node.js scripts on key workflow events. The only observable security-relevant issue in this fragment is the command-execution sink that runs scripts from a plugin root derived from environment/config with a relative fallback; this increases supply-chain risk if path selection or working directory can be influenced. The fragment itself shows no direct malicious code, but malicious tracking/gating or other payload behavior could exist inside the referenced scripts, which are not provided here.

Confidence: 45%, Severity: 60%

Audit Metadata

Analyzed At: May 6, 2026, 02:26 AM

Package URL: pkg:socket/skills-sh/Evol-ai%2FSkillCompass%2Fskill-compass%2F@b98a1b64aa11d7fbdbea29f8b447286c5731c003