yahoo-finance

Fail

Audited by Snyk on Mar 10, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.95). These URLs host shell and PowerShell install scripts on a non-obvious/third-party domain, and the skill explicitly instructs users to curl/Invoke-RestMethod and pipe the output directly to sh/iex, a classic high-risk pattern that can deliver arbitrary code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). This skill's SKILL.md shows it uses the yfinance library to fetch data from Yahoo Finance (public web pages) for commands like price/quote/fundamentals/earnings/options/ratings, meaning the agent ingests and acts on untrusted third-party content from the open web that can materially influence decisions or next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill's installation instructions include commands that fetch and execute remote install scripts (curl -LsSf https://astral.sh/uv/install.sh | sh and powershell "irm https://astral.sh/uv/install.ps1 | iex"), and the skill requires the resulting "uv" tool at runtime to auto-install dependencies, so these URLs directly enable remote code execution during setup.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (low risk: 0.30). The prompt includes optional instructions that modify system-wide locations (ln -sf to /usr/local/bin) and suggests running a remote install script (curl | sh) which can change the machine state and may require sudo, but it does not explicitly ask the agent to escalate privileges, bypass security, modify protected system configs, or create users.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Mar 10, 2026, 05:38 AM