ai-rag-pipeline

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). While documentation and image links look benign, the prompt explicitly instructs running "curl ... | sh" from https://cli.inference.sh — downloading and executing a shell installer from an untrusted/non-major domain is a high-risk pattern that can distribute malware.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill issues web searches (tavily/search-assistant, exa/search, exa/answer) and performs URL content extraction (tavily/extract, exa/extract) from arbitrary/public sites and directly injects those search/extracted results into LLM prompts, exposing the agent to untrusted user-generated/open-web content that could carry indirect prompt injections.