yahoo-finance

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These links point to direct install scripts (.sh and .ps1) hosted on a third‑party domain (astral.sh); running such remote scripts executes arbitrary code and, unless the domain and package are verified trusted, represents a high malware/distribution risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (low risk: 0.30). The prompt includes optional instructions that modify system-wide locations (ln -sf to /usr/local/bin) and suggests running a remote install script (curl | sh) which can change the machine state and may require sudo, but it does not explicitly ask the agent to escalate privileges, bypass security, modify protected system configs, or create users.