QMD CLI

Result: Pass. Audited by VirusTotal on May 12, 2026.

Findings (1)

The skill instructs the agent to install a global CLI tool (`qmd`) from a remote GitHub repository (`https://github.com/tobi/qmd`) using `bun install -g` as detailed in `SKILL.md`. This constitutes a supply chain risk, as the installation process can execute arbitrary code from the remote package. Additionally, the skill can instruct the agent to run `qmd mcp`, which starts a server process, potentially exposing an attack surface. While these actions are aligned with the stated purpose of providing `qmd` functionality, they involve high-privilege operations and risky capabilities without clear malicious intent from the skill bundle itself.