landing-page-design

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). Piping a remote shell script from cli.inference.sh (and related inference.sh) into sh is a high-risk distribution pattern — it's an unverified .sh installer from a non-obvious vendor and could easily be used to distribute malware unless you can fully verify the publisher and inspect the script first.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Quick Start and examples call external apps (e.g., infsh app run tavily/search-assistant to "Research competitor landing pages" and infsh app run exa/answer for social-proof stats), which fetch and ingest open/public web content (untrusted user-generated/third-party pages) that the agent is expected to read and interpret.