competitor-teardown

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). Suspicious: the skill instructs piping and executing a remote shell script (curl -fsSL https://cli.inference.sh | sh) from an unverified domain (inference.sh/cli.inference.sh), a high-risk distribution pattern for malware; the competitor.com pages are standard website URLs but do not eliminate the danger of running a remote .sh installer.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). SKILL.md explicitly instructs the agent to fetch and scrape public competitor sites and user-generated review sources (e.g., infsh/agent-browser screenshots of https://competitor.com, tavily/extract of pricing pages, and review mining from G2/Capterra/Reddit), so the agent will ingest untrusted third‑party content that could contain instructions influencing its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The Quick Start instructs running curl -fsSL https://cli.inference.sh | sh which downloads and executes remote code (and is required to run the infsh apps the skill uses), so the URL https://cli.inference.sh is a runtime dependency that executes remote code.