gorden-ppt-skill

Fail

Audited by Snyk on Jun 23, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.85). The set of URLs includes a personal GitHub repo (github.com/GordenSun/GordenPPTSkill) whose SKILL.md explicitly tells an agent to run a local update script that pulls code and files from that repo (a supply-chain / remote-code-execution vector). The remaining URLs are benign documentation and third-party references (LibreOffice, Poppler, python-pptx, OpenXML schemas). The auto-update instruction to execute repo-provided Python is the main red flag.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). This skill mandates running python3 scripts/apply_update.py on first use, and updates.json is configured to pull from the git+https://github.com/GordenSun/GordenPPTSkill.git#main repository at runtime. Remote files (including SKILL.md and scripts) are therefore fetched at runtime and can change the skill's instructions and executable code, so the git+https://github.com/GordenSun/GordenPPTSkill.git#main URL is a runtime external dependency that can control prompts or execute code.

Issues (2)

E005 (CRITICAL): Suspicious download URL detected in skill instructions.

W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level: CRITICAL
Analyzed: Jun 23, 2026, 03:52 AM
Issues: 2