solidworks-automation
Audited by Socket on Apr 11, 2026
2 alerts found:
Anomaly / Security
This file does not show overt malicious logic (no credential theft, exfiltration, or backdoor behavior). However, it is a high-risk supply-chain bootstrapper: it auto-clones/auto-updates unverified remote repository code into agent “skills” directories and then installs a Python dependency via pip using a version range. The main security exposure is compromise or malicious change of the upstream repository (and/or pip dependency resolution), which could lead to arbitrary code execution when the installed skill is later used by external tooling.
The package will execute a local JavaScript installer automatically during npm install and also installs a CLI that runs the same file. This is a high-risk pattern because the install.js contents are unknown and could perform telemetry, data exfiltration, arbitrary command execution, install backdoors, modify git hooks, or damage the system. You must inspect install.js (and any scripts it downloads or invokes) before installing or running the package. If you cannot review the file, avoid installing, or run the installation in an isolated environment (container/VM) with restricted network and file access.