image-upscaling

Fail

Audited by Snyk on Feb 18, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.80). The skill's links include a direct instruction to fetch and execute a remote shell script (curl -fsSL https://cli.inference.sh | sh) from an external/unknown domain, a high-risk distribution pattern even though the other links are documentation/images on the same domain.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's examples and CLI usage accept arbitrary external image URLs (e.g., --input '{"image_url": "https://your-image.jpg"}' and "https://low-res-image.jpg"), which the agent fetches and processes from public/untrusted web sources as part of the upscaling workflow.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 18, 2026, 01:57 AM