vscode-tunnel

The skill downloads and executes a binary from a remote URL (code.visualstudio.com) using `curl` and `tar` in `tunnel.sh`. While the source is legitimate and the stated purpose (VS Code Remote Tunnel) is benign, the act of fetching and executing remote code is a high-privilege operation and introduces a supply chain risk. If the download source were compromised, this skill could be leveraged to execute arbitrary malicious code. The script correctly quotes user-provided arguments, preventing direct shell injection, and there are no signs of prompt injection against the agent in `SKILL.md` or other malicious behaviors like data exfiltration or unauthorized persistence mechanisms beyond the intended background tunnel process.