logo-design-guide
Fail
Audited by Snyk on Feb 19, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). These URLs point to a custom CLI installer that the skill instructs users to run via curl|sh, and to binaries downloaded from the same unvetted domain (with checksums served from the same host). While not proven malicious, this matches high-risk distribution patterns (remote shell execution and hosting executables on an unknown domain) that could be used to deliver malware.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill instructs users to run "curl -fsSL https://cli.inference.sh | sh", which fetches and executes remote install code from https://cli.inference.sh (and pulls binaries from dist.inference.sh) at runtime. The skill relies on the resulting infsh CLI, so this is a direct remote-code execution dependency.
Audit Metadata