mx-shell-prompt

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). Most URLs are documentation or vendor sites (jimeng.jianying.com, seedance.ai, klingai.com, agentskills.io, semver.org) and are low risk, but the GitHub repo at github.com/ttfake92-lab (used as an npx/installation source) is suspicious—username looks odd and installing/running code directly from an unknown GitHub account can execute arbitrary code, so it represents a meaningful malware-distribution risk unless you inspect and verify the repository first.