content-creation
Fail
Audited by Snyk on Feb 13, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.95). Yes — this is a direct raw GitHub link to an install.sh script from an individual/unknown repo and the skill explicitly instructs piping it to bash (curl | bash), which allows arbitrary code execution and is a high-risk vector for malware.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and executes a remote script from a public third-party URL (curl ... https://raw.githubusercontent.com/esmondo/berkarja/main/scripts/install.sh | bash), so it ingests and runs untrusted content from the open web that could carry injected instructions.
HIGH W008: Secret detected in skill content (API keys, tokens, passwords).
- Attempt to compromise machine state in skill instructions detected (high risk: 1.00). The prompt explicitly instructs running a remote install script via curl ... | bash, which directs the agent to execute arbitrary code that can modify system files, install software, or create accounts and thus compromises the machine state.
Audit Metadata