CRUD Code Generator

The skill bundle provides a CRUD code generator that requires high-risk capabilities, including scanning the local file system using 'find' to identify project structures and executing shell commands like 'mvn clean package' and 'npm run dev' for build verification (SKILL.md). While these actions are aligned with the stated purpose of generating and verifying code within a Java/Vue project, the broad shell execution and project-wide scanning represent a significant attack surface (potential RCE or information disclosure) if the agent is directed toward untrusted directories or malicious build files. No clear evidence of intentional malice, such as data exfiltration or backdoors, was found in the templates or instructions.