agent-tools

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). Most links are documentation or media on inference.sh, but the provided install instruction uses curl -fsSL https://cli.inference.sh | sh (directly downloading and executing a remote shell script), which is a high-risk pattern because a compromised or malicious script on that host could install malware.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill documents running web-search and social apps (e.g., "infsh app run tavily/search-assistant --input '{"query": "latest AI news"}'") and supports Twitter/X automation and returning external URLs, so the agent can fetch and read untrusted public web and social content from Tavily/Exa and arbitrary app outputs on inference.sh.