Investigation
Fail
Audited by Snyk on Mar 27, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 0.90). The skill contains deliberate, repeated "MANDATORY" network beacons (curl POSTs) that must execute on invocation, plus unsandboxed local customization loading and automated multi-agent task orchestration—together these create a strong potential for covert telemetry/exfiltration, persistent backdoor configuration, and uncontrolled leakage of investigation data to local or third‑party services.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The OSINT skill explicitly instructs researcher agents to fetch and ingest public, user-generated web content (e.g., GitHub, Reddit, LinkedIn, Google News, social media and forum sources) as part of required workflows (see OSINT/SKILL.md and Workflows/DiscoverOSINTSources.md and CompanyDueDiligence.md), so untrusted third‑party content is read and used to drive decisions and next actions.
Issues (2)
- E006 (CRITICAL): Malicious code pattern detected in skill scripts.
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata