linkedin-content

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). The URLs host an unverified CLI installer that the skill prompt instructs users to curl | sh (directly fetching and executing a remote shell script) from a non‑well‑known domain rather than a trusted package manager or signed release, which is a high‑risk pattern for malware delivery.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs running a web search assistant (infsh app run tavily/search-assistant) to "Research trending LinkedIn content patterns" which clearly fetches and ingests open, user-generated public content (LinkedIn posts / web examples) that the agent would read and interpret, enabling indirect prompt injection.