Vulnerability Description
The README recommends installing the skill via a one-liner that pipes curl directly to bash:
curl -fsSL https://raw.githubusercontent.com/AgriciDaniel/claude-ads/main/install.sh | bash
This pattern has known supply chain risks:
- No integrity verification — if the GitHub CDN (raw.githubusercontent.com) is compromised or the connection is MITM'd, the script executed could be malicious
- Truncation attacks — if the TCP connection drops mid-download, bash executes whatever complete lines arrived before the cut. set -euo pipefail does not prevent this (it only governs how commands that do run fail); what does is wrapping all work in a main function that is called on the script's last line, since a truncated copy then contains only definitions and never reaches the call
- No signature/checksum — there is no way to verify the script is authentic
Impact
- Severity: Medium (supply chain)
- A compromised raw.githubusercontent.com response or a MITM attacker could execute arbitrary code on the user's machine
- Affects every user who follows the recommended install method
Real-World Precedent
Similar attacks have occurred:
- Polygon Network (2021): GitHub CDN compromise
- Multiple npm packages (various): supply chain attacks via install scripts
Proposed Fix
Option A: Add SHA256 checksum to README (simplest)
# Download and verify before executing
curl -fsSLo install.sh https://raw.githubusercontent.com/AgriciDaniel/claude-ads/main/install.sh
echo "abc123def456...  install.sh" | sha256sum -c
bash install.sh
Generate the checksum in CI/CD and update the README on each release (two spaces between hash and filename, which is the format sha256sum -c expects everywhere). Note that a checksum published in the same repository defends against CDN tampering, MITM and truncation only: an attacker who can change install.sh in the repository can change the README line too, which is the gap Option C closes.
Option B: Recommend git clone + local install (lets the user read install.sh before running it)
git clone https://github.com/AgriciDaniel/claude-ads
cd claude-ads
bash install.sh
Option C: GitHub Releases with signed assets
Publish install.sh as a release asset and sign it with GPG.
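As an added example (not code from the claude-ads repository): a shell script implementing the download-verify-execute pattern of Option A, together with a demonstration of the truncation point raised above. The function names (sha256_of, run_verified, fetch_and_run) and the two miniature installers it writes are constructed for this illustration; the expected checksum is whatever the project publishes.

```shell
#!/usr/bin/env bash
# Added example, not part of the claude-ads repository.
# Download-verify-execute replacement for `curl ... | bash`, plus a demonstration
# of why `set -euo pipefail` alone does not make a truncated script safe.

# Print the SHA-256 of FILE (GNU coreutils sha256sum or macOS/BSD shasum).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Succeed only if FILE hashes to EXPECTED (lowercase hex).
verify_sha256() {
  [ "$(sha256_of "$1")" = "$2" ]
}

# run_verified FILE EXPECTED [ARGS...]: execute FILE with bash only after its
# checksum matches; a mismatch or a partial download executes nothing.
run_verified() {
  local file="$1" expected="$2"
  shift 2
  if ! verify_sha256 "$file" "$expected"; then
    echo "checksum mismatch for $file; refusing to execute" >&2
    return 2
  fi
  bash "$file" "$@"
}

# fetch_and_run URL EXPECTED [ARGS...]: network version of the above.
# --proto '=https' refuses redirects to plain http; the temp file is removed
# whether or not verification passes. (Needs network, so not exercised offline.)
fetch_and_run() {
  local url="$1" expected="$2" tmp rc
  shift 2
  tmp="$(mktemp)" || return 1
  if curl -fsSL --proto '=https' --tlsv1.2 -o "$tmp" "$url"; then
    run_verified "$tmp" "$expected" "$@"
    rc=$?
  else
    echo "download of $url failed" >&2
    rc=1
  fi
  rm -f "$tmp"
  return "$rc"
}

# Constructed installer with no main() wrapper. Cutting the download after the
# third line still leaves bash three complete lines to run: set -e/-u/pipefail
# govern how executed commands fail, not whether partial input is executed.
# Returns 0 when the truncated copy performed its side effect (it does).
truncated_unwrapped_runs() {
  local dir marker rc
  dir="$(mktemp -d)" || return 1
  marker="$dir/ran"
  printf '%s\n' '#!/usr/bin/env bash' 'set -euo pipefail' \
    'touch "$MARKER"' 'echo "install complete"' > "$dir/full.sh"
  head -n 3 "$dir/full.sh" > "$dir/truncated.sh"
  MARKER="$marker" bash "$dir/truncated.sh" >/dev/null 2>&1 || true
  if [ -e "$marker" ]; then rc=0; else rc=1; fi
  rm -rf "$dir"
  return "$rc"
}

# Same installer with all work inside main() and the call on the last line.
# Truncating before that line leaves only a function definition, so nothing runs.
# Returns 0 when the truncated copy performed no side effect (it does not).
truncated_wrapped_is_inert() {
  local dir marker rc
  dir="$(mktemp -d)" || return 1
  marker="$dir/ran"
  printf '%s\n' '#!/usr/bin/env bash' 'set -euo pipefail' 'main() {' \
    '  touch "$MARKER"' '  echo "install complete"' '}' 'main "$@"' > "$dir/full.sh"
  head -n 6 "$dir/full.sh" > "$dir/truncated.sh"   # drops the `main "$@"` line
  MARKER="$marker" bash "$dir/truncated.sh" >/dev/null 2>&1 || true
  if [ -e "$marker" ]; then rc=1; else rc=0; fi
  rm -rf "$dir"
  return "$rc"
}
```

In practice the README would publish the hash and the user would call fetch_and_run with the URL from the README and that hash; the local run_verified is what the checksum-then-bash sequence in Option A boils down to once the download is on disk.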
Additional Context
- The install.sh script itself is well-written (set -euo pipefail, main function wrapper, trap for cleanup)
- The script clones from the same repo — once the bootstrap script is trusted, the clone goes over TLS to github.com and git's object hashes guarantee that the checked-out tree matches the commit that was fetched. What they do not prove is that the commit is the maintainer's; that requires signed commits or tags
- The risk is only in the initial bootstrap via curl | bash
Found during a full security audit of the repository.