HiLink LTE Modem

The skill bundle contains a critical vulnerability in `scripts/hilink.sh` where the `cmd_sms_read` function allows for arbitrary Python code execution (RCE) by unsafely interpolating the `$index` shell variable into a `python3 -c` command string. Additionally, the script requires `sudo` privileges for network interface management and route manipulation, and it uses `source` on a local configuration file (`~/.config/hilink/config`), which could lead to local privilege escalation if the file is compromised. While these capabilities are plausibly required for managing hardware modems, the lack of input sanitization makes the bundle highly risky.