release
Fail
Audited by Snyk on Mar 10, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 1.00). This is a direct raw GitHub link to an install.sh in a personal repository, and the skill explicitly pipes it to bash (curl ... | bash). This is high-risk because an unreviewed remote shell script from an individual or unverified source can execute arbitrary malicious code.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md "Test installation" manual step explicitly runs curl -fsSL https://raw.githubusercontent.com/guillempuche/appicons/main/scripts/install.sh | bash, which fetches and executes a public raw GitHub script (untrusted third‑party content) that can contain instructions affecting subsequent actions.
Audit Metadata