mm-cli-skill

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These URLs include direct installer scripts (.sh and .ps1) hosted on a project's GitHub Pages which the skill explicitly tells users to curl/irm and pipe into sh/iex — a high-risk distribution pattern for malware (openrouter.ai is only an API endpoint and not itself a download).

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill documentation exposes multiple high-risk, intentional-features that can be abused for data exfiltration and remote code execution — notably remote installer/pip installation, auto-discovered/overrideable Python encoders, inline/pyfunc transforms (arbitrary Python execution), configurable external LLM endpoints (arbitrary base-URL/profile) that will receive file contents, and options to bypass .gitignore — any of which can be combined to steal secrets, install backdoors, or execute arbitrary payloads.