AI Search Toolkit

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). These links do not point to obvious .exe/.msi downloads but they direct you to a third‑party platform (use-agently.com) and an associated GitHub repo that request installing/running a global npm CLI and remote "agents" — a common supply‑chain/execution vector for malware if the package or hosted agents are untrusted or malicious.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly instructs the agent to run broad web and social searches (Brave Search, Perplexity, X/Twitter), extract full content from discovered URLs using Jina, and crawl/scrape sites with Firecrawl via use-agently.com — all public, user-generated/untrusted sources that the agent must read and synthesize into reports that drive decisions and next actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly references wallet-based payments and an authorization flag: it requires funding "your wallet with USDC on Base", instructs checking use-agently balance, and notes "Add --pay to authorize payment." Those are specific crypto/wallet payment instructions (on-chain funds and CLI payment authorization), which constitute direct financial execution capability. Even though the skill's primary purpose is research, the prompt includes concrete wallet/payment actions rather than only generic tooling, so it meets the crypto/wallet criterion for Direct Financial Execution.