smart-contract-audit

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill contains multiple deliberate, high-risk directives that enable concealment and biased reporting (notably: blanket instructions to IGNORE the project’s .context directory while writing mandatory outputs into .context/outputs, a mandated “always prefer lower severity” policy, and structured logging rules that could be used as covert/exfiltration channels), which together create a clear supply‑chain/backdoor and audit‑suppression risk that can be abused to hide malicious files or underreport true vulnerabilities.