case-study-writing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md Quick Start and Research Support sections explicitly instruct running infsh search apps (e.g., infsh app run tavily/search-assistant and infsh app run exa/search) to fetch industry benchmarks, competitor landscape, and supporting statistics from public web/search sources, so the agent will ingest untrusted third‑party content that can influence its writing and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The Quick Start instructs running curl -fsSL https://cli.inference.sh | sh (which fetches and executes a remote installer and then pulls binaries from dist.inference.sh), and the skill relies on the installed infsh CLI at runtime to run remote apps and execute code, so https://cli.inference.sh is a runtime external dependency that executes remote code.