GitHub Extract

Pass

Audited by VirusTotal on May 12, 2026.

Findings (1)

The skill is suspicious because `gh_extract.py` executes `wget` directly with a user-provided URL. The `SKILL.md` instructs the AI agent to pass user input unchanged as the `<url>` argument to the Python script, which then calls `subprocess.run(['wget', ..., url])`. Passing an argument list to `subprocess.run` avoids shell injection, but it still hands the unvalidated URL to `wget`, so a crafted URL could exploit `wget` itself (e.g., arbitrary file writes or SSRF). The script does not sanitize or validate this input before using it in an external command.