Missing User Warnings
Medium
- Confidence
- 95% confidence
- Finding
- The skill includes package installation and test execution commands that can change the local environment and run arbitrary code from project dependencies, test hooks, or repository scripts. In an agent context, presenting these commands without explicit safety warnings or sandboxing guidance is dangerous because tests and package managers commonly execute untrusted code during install and run phases.
