update-config
Fail
Audited by Snyk on Apr 28, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). These are raw GitHub URLs that instruct running a remote shell script from an apparently personal/unknown repository — executing such a script directly is high risk because it can run arbitrary code on your machine and there is no visible vetting or popularity signal for safety.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill fetches and then executes untrusted code from raw.githubusercontent.com (the remote VERSION and the install.sh URL in Step 1/Step 2 of SKILL.md), so third‑party content from that public GitHub repo can directly control installer behavior and executed actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill fetches remote content at runtime and directly executes it via bash <(curl -fsSL https://raw.githubusercontent.com/Mizoreww/awesome-claude-code-config/main/install.sh) (and also reads https://raw.githubusercontent.com/Mizoreww/awesome-claude-code-config/main/VERSION), so the fetched content can execute code and control the install/interactive prompts.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (medium risk: 0.60). The skill instructs the agent to non-interactively download and execute a remote installer (bash <(curl ...)) that modifies user configuration, installs fonts/dependencies and rewrites files under the user's home, so it changes the machine state and could be harmful even though it does not explicitly request sudo or create system-level accounts.
Issues (4)
- E005 (CRITICAL): Suspicious download URL detected in skill instructions.
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
- W013 (MEDIUM): Attempt to modify system services in skill instructions.
Audit Metadata