llmem-setup
Fail
Audited by Snyk on May 12, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.70). These URLs include a personal GitHub repo and a raw GitHub-hosted setup.sh (which would be piped to a shell) from an account of unclear reputation — a common vector for malicious installers — alongside an official-vendor ollama.com install script, so executing them without review is moderately risky.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill instructs runtime fetching-and-executing of remote scripts (e.g., curl -sSL https://raw.githubusercontent.com/MichielDean/LLMem/main/setup.sh | bash, curl -fsSL https://ollama.com/install.sh | sh, and git clone https://github.com/MichielDean/LLMem.git followed by ./setup.sh), so externally fetched content is executed and is required for setup.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.80). Flagged because the skill directs the agent to execute installation scripts (curl | bash), clone and install packages, write/edit config and service files, and enable systemd timers—operations that change the host's state and can introduce remote code execution or system-level behavior even if sudo is not explicitly requested.
Issues (3)
- CRITICAL E005: Suspicious download URL detected in skill instructions.
- MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- MEDIUM W013: Attempt to modify system services in skill instructions.