brightdata-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md and references/commands.md / references/pipelines.md explicitly instruct the agent to fetch and scrape arbitrary public URLs (e.g., bdata scrape <url>, bdata search "<query>", and pipelines for YouTube, Reddit, Instagram, LinkedIn, etc.), which ingests untrusted user-generated web content that the agent is expected to read and can influence subsequent tool use and decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill includes an installation command that fetches and executes remote code at runtime (curl -fsSL https://cli.brightdata.com/install.sh | bash), which downloads and runs a script from cli.brightdata.com and therefore represents a high-confidence remote code execution dependency.