customer-persona
Fail
Audited by Snyk on Feb 18, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). These domains host a remote shell installer (the prompt includes "curl … | sh"), and executing or auto-downloading .sh installers from a non-standard/unverified domain is a high-risk vector for malware even if the site may be legitimate.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to run infsh app run tavily/search-assistant and exa/search to fetch results for market research queries (e.g., "product manager salary demographics 2024 survey") from the open web, so the agent will ingest and interpret untrusted, public third‑party content as part of its persona research workflow.
Audit Metadata