nail-technician

The snippet is a cross-tool, persistent installer that fetches externally hosted markdown and injects it into global system-prompt/rules and skill directories across multiple coding assistants. While the fragment itself has no explicit malware code, the lack of integrity checks and the persistence into high-impact instruction surfaces makes it a significant supply-chain/prompt-injection risk. Review the referenced SKILL.md contents and the tools’ handling/execution model before use.