qshell
Audited by Socket on Apr 6, 2026
2 alerts found:
Anomaly x2

SUSPICIOUS. The skill is largely coherent with its stated purpose and mostly relies on an official Qiniu CLI, so it does not look fundamentally malicious. However, it has meaningful security risk because it can perform destructive storage actions, remote sandbox command execution, cross-cloud credentialed migration, and references an unverified local installer script plus optional custom sandbox API endpoints.

No overt malware indicators are present in the installer logic itself; however, it has significant supply-chain integrity weaknesses. It downloads and executes an external binary from the network with no checksum/signature verification, and archive extraction and binary selection are not strongly hardened beyond basic filename/depth checks. If the artifact source or transport were compromised, the script would install and execute the attacker-controlled `qshell` binary, posing a moderate-to-high security risk for end users running the installer.