tensorpm-agentic-pm

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These links include direct raw .sh and .ps1 installer scripts from an unverified GitHub user and recommend piping remote content directly into shell/PowerShell (curl | bash / irm | iex), plus an unknown GitHub Releases page that could host binaries—this delivery pattern (remote scripts/binaries from a potentially unfamiliar account) is high-risk for malware distribution; the localhost URL itself is not inherently dangerous but is likely part of that unverified install flow.