ai-content-pipeline

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The set includes an instruction to pipe a remote shell script into sh (curl -fsSL https://cli.inference.sh | sh) and direct links to hosted files on a third‑party domain (including a suspicious-looking your-music.mp3 host), which are high-risk patterns for malware distribution even if other links are mere docs/images on inference.sh.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly includes a web-research step (e.g., "Tavily Search" in Pattern 3 and the "Research -> Content" flow) and a "Summarize this blog post" example, so it fetches and ingests open/public third-party content (web pages/blogs/search results) which the agent is expected to read and process.