ruler-progress-render

Warn

Audited by Socket on Apr 8, 2026

2 alerts found:

Anomaly · Security · LOW
SKILL.md

SUSPICIOUS: the skill’s stated purpose is coherent, but it achieves it by cloning mutable code from a personal GitHub repo, updating to origin/HEAD, installing npm dependencies, and executing them. That footprint is broader than a simple renderer and creates meaningful supply-chain risk, though there is no clear evidence of credential theft or overtly malicious behavior.

Confidence: 87% · Severity: 62%

Security · MEDIUM
scripts/render_ruler_progress.sh

No overt malicious behavior is visible in this Bash fragment (no explicit exfiltration, backdoor logic, or credential theft). However, it is inherently high-risk from a supply-chain perspective: it clones/fetches an external repository (and may pull the moving default branch), runs npm install (dependency lifecycle execution) without integrity/provenance enforcement, and executes repository-defined npm scripts (or npx-based Remotion rendering) that can execute arbitrary code. Treat REPO_URL and the dependency graph as untrusted unless locked/pinned and verified; additionally, constrain OUTPUT_PATH in CI environments to reduce operational misuse risk.

Confidence: 62% · Severity: 70%
Audit Metadata
Analyzed At
Apr 8, 2026, 12:55 PM
Package URL
pkg:socket/skills-sh/vibe-motion%2Fskills%2Fruler-progress-render%2F@201b38f3342c0ad40d21c61c924c8779dfca3b2c
Security Audit — socket — ruler-progress-render