twitter-thread-creation

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The set includes a remote install script (https://cli.inference.sh) intended to be piped to sh and a custom domain-hosted binary distribution (dist.inference.sh) — a common and high-risk vector for malware even if checksums are provided, because the sources are not a widely recognized package repository and an attacker controlling the domain could serve malicious executables.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly shows running infsh/agent-browser with arbitrary URLs (e.g., the "Generate screenshots for evidence" example using "https://example.com/pricing") and a web search command (tavily/search-assistant) under "Repurposing to Thread", so the agent is instructed to fetch and ingest public web content/search results which can directly influence thread content and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The Quick Start instructs executing remote install code via "curl -fsSL https://cli.inference.sh | sh" (which downloads binaries from dist.inference.sh and runs them), and the skill depends on that infsh CLI at runtime to run remote apps/commands, so the https://cli.inference.sh (and associated dist.inference.sh) fetches and executes remote code the skill requires.