Missing User Warnings
Medium
- Confidence
- 96% confidence
- Finding
- The README says the skill will 'automatically install all dependencies' but does not clearly frame this as a security-sensitive action involving execution of external code and components. In an agent-skill context, auto-installation is more dangerous because users may delegate installation to an LLM-driven toolchain and not review what gets fetched or executed.
