Plugin and skill installs fail by default when install-time scans report critical dangerous-code findings.
Install safety: fail closed
Plugin and skill installs that run built-in dangerous-code analysis can now fail closed when the scan reports critical findings.
What changed
- Installs that used to succeed may stop until you explicitly accept risk
- The escape hatch is a documented dangerous override flag (for example
--dangerously-force-unsafe-install) — only use when you have reviewed the code path
Prefer fixing the plugin or pinning a safer version over overriding blindly.