Summary
vladkesler/initrunner v2026-03-22 was classified as CRITICAL RISK with a risk score of 7417. Sigil detected 693 findings across 691 files, covering phases including provenance, code patterns, network exfiltration, install hooks, obfuscation, and credential access. Review the findings below before installing this package.
Package description: Define AI agent roles in YAML and run them anywhere: CLI, API server, or autonomous daemon
v2026-03-22
23 March 2026, 00:02 UTC
by Sigil Bot
Risk Score: 7417
Findings: 693
Files Scanned: 691
Provenance
Findings by Phase
Phase Ordering
Phases are ordered by criticality, with the most dangerous at the top.
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/README.md:47
```bash
curl -fsSL https://initrunner.ai/install.sh | sh -s -- --extras all
initrunner setup # wizard: pick provider, model, API key
Why was this flagged?
A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/README.md:144
|---|---|---|---|
| **Setup** | `curl -fsSL https://initrunner.ai/install.sh \| sh` + API key | Install 5-10 packages, write glue code | `pip install langchain` + adapters |
| **Agent config** | One YAML file | Python classes + wiring | Python chains + config objects |
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/configuration/ollama.md:11
# macOS / Linux
curl -fsSL https://ollama.com/install.sh | sh
ollama serve
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installation.md:8
```bash
curl -fsSL https://initrunner.ai/install.sh | sh
```
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installation.md:14
```bash
curl -fsSL https://initrunner.ai/install.sh | sh -s -- --extras ingest
```
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installation.md:20
```bash
curl -fsSL https://initrunner.ai/install.sh | sh -s -- --version 0.2.0
```
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installation.md:50
# shell installer
curl -fsSL https://initrunner.ai/install.sh | sh -s -- --extras all
```
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installation.md:68
# shell installer (comma-separated)
curl -fsSL https://initrunner.ai/install.sh | sh -s -- --extras ingest,search,dashboard
```
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installer.md:9
# Install latest version
curl -fsSL https://initrunner.ai/install.sh | sh
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installer.md:12
# Install with extras (TUI, ingestion, Anthropic provider)
curl -fsSL https://initrunner.ai/install.sh | sh -s -- --extras tui,ingest
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installer.md:15
# Pin to a specific version
curl -fsSL https://initrunner.ai/install.sh | sh -s -- --version 0.2.0
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installer.md:18
# Force a specific installer
curl -fsSL https://initrunner.ai/install.sh | sh -s -- --method pipx
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installer.md:21
# CI mode (no PATH modifications)
curl -fsSL https://initrunner.ai/install.sh | sh -s -- --unmanaged
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installer.md:24
# Uninstall
curl -fsSL https://initrunner.ai/install.sh | sh -s -- --uninstall
```
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installer.md:138
# Skip all profile modifications
curl -fsSL https://initrunner.ai/install.sh | sh -s -- --unmanaged
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installer.md:142
INITRUNNER_INSTALL_METHOD=uv INITRUNNER_NO_MODIFY_PATH=1 \
curl -fsSL https://initrunner.ai/install.sh | sh
```
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/docs/getting-started/installer.md:152
```bash
curl -fsSL https://initrunner.ai/install.sh | sh -s -- --uninstall
```
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/examples/roles/initrunner-support/knowledge-base/provider-configuration.md:186
# Install Ollama
curl -fsSL https://ollama.com/install.sh | sh
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/install.sh:3
# initrunner installer
# Usage: curl -fsSL https://initrunner.ai/install.sh | sh
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --extras tui,ingest
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/install.sh:4
# Usage: curl -fsSL https://initrunner.ai/install.sh | sh
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --extras tui,ingest
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --version 0.2.0
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/install.sh:5
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --extras tui,ingest
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --version 0.2.0
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --unmanaged
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/install.sh:6
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --version 0.2.0
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --unmanaged
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --method pipx
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/install.sh:7
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --unmanaged
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --method pipx
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --uninstall
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/install.sh:8
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --method pipx
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --uninstall
set -eu
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/install.sh:113
Usage:
curl -fsSL https://initrunner.ai/install.sh | sh
curl -fsSL https://initrunner.ai/install.sh | sh -s -- [OPTIONS]
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/install.sh:114
curl -fsSL https://initrunner.ai/install.sh | sh
curl -fsSL https://initrunner.ai/install.sh | sh -s -- [OPTIONS]
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/install.sh:285
curl -LsSf https://astral.sh/uv/install.sh | sh
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/tests/installer/install.sh:3
# initrunner installer
# Usage: curl -fsSL https://initrunner.ai/install.sh | sh
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --extras tui,ingest
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/tests/installer/install.sh:4
# Usage: curl -fsSL https://initrunner.ai/install.sh | sh
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --extras tui,ingest
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --version 0.2.0
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/tests/installer/install.sh:5
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --extras tui,ingest
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --version 0.2.0
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --unmanaged
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/tests/installer/install.sh:6
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --version 0.2.0
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --unmanaged
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --method pipx
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/tests/installer/install.sh:7
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --unmanaged
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --method pipx
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --uninstall
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/tests/installer/install.sh:8
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --method pipx
# curl -fsSL https://initrunner.ai/install.sh | sh -s -- --uninstall
set -eu
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/tests/installer/install.sh:113
Usage:
curl -fsSL https://initrunner.ai/install.sh | sh
curl -fsSL https://initrunner.ai/install.sh | sh -s -- [OPTIONS]
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/tests/installer/install.sh:114
curl -fsSL https://initrunner.ai/install.sh | sh
curl -fsSL https://initrunner.ai/install.sh | sh -s -- [OPTIONS]
install-makefile-curl
HIGH: Makefile/script pipes remote content to shell
repo/tests/installer/install.sh:285
curl -LsSf https://astral.sh/uv/install.sh | sh