Comment by Legend2440

4 days ago

Well no, that's really not related to the issue at all.

This is a bog-standard supply chain attack against their skills repository. It's not an LLM-specific attack, and nearly every repository (pip, npm, etc) has been subject to similar malware.