autoresearch

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). This skill is not overtly malware, but it intentionally delegates code-writing and commit power to a remote LLM (claude -p) with permissive flags, sends repo context in prompts (risking data exfiltration), and provides multiple practical paths for remote code execution or persistent backdoors (LLM-written files, commits, post-install scripts, external API enrichment), so it presents a high risk of abuse for exfiltration, backdoors, or supply‑chain compromise if misused.