QMD Search

Pass. Audited by VirusTotal on May 12, 2026.

Findings (1)

The skill is suspicious due to two main high-risk behaviors. First, it instructs the AI agent to install a package globally from a GitHub repository (`bun install -g https://github.com/tobi/qmd`) during setup, which is a supply chain risk because it fetches and executes code from a remote source that is not pinned or verified. Second, the `SKILL.md` instructs the agent to 'use the Read tool on the file path' for search results. This creates a potential arbitrary local file read vulnerability: if the `qmd` tool (or a crafted user query) can be made to return sensitive file paths (e.g., via path traversal), the agent would read those files and could expose their contents.