linkedin-content

Fail

Audited by Socket on Feb 19, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Pipe-to-shell or eval pattern detected

All findings:
[CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4]
[CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
[CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]

This skill appears functionally benign and internally consistent: it documents LinkedIn content best practices and uses a hosted CLI (inference.sh) and hosted inference/image apps to implement the examples. No direct malicious code is present in the provided text. The primary security concerns are supply-chain and privacy: (1) the recommended install pattern (curl | sh) is risky unless users verify checksums, and (2) user content and authentication credentials will be sent to inference.sh and any configured third-party model providers (exposure depends on those providers' trustworthiness). Recommend verifying SHA-256 checksums before install, reviewing the CLI source or binary provenance, and treating any secrets/credentials cautiously (use least-privilege tokens).

LLM verification: Overall, the skill's stated purpose (LinkedIn content generation via an external CLI) is technically coherent with its implementation. However, the install/execution approach (curl | sh to fetch and run remote binaries) is a high-risk pattern that undermines trust, introduces potential supply-chain risk, and broadens the security footprint beyond the simple content-generation scope. Given the dynamic execution path and reliance on an external tool, this is SUSPICIOUS to HIGHLY SUSPICIOUS for a s

Confidence: 95%
Severity: 90%

Audit Metadata

Analyzed At: Feb 19, 2026, 08:04 PM
Package URL: pkg:socket/skills-sh/1nfsh-s3%2Fskills%2Flinkedin-content%2F@6cb576328581eafd4abf0a2fb791e35f30bcee0f