llm-models

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). Although several links are documentation pages and an image on inference.sh, the skill explicitly instructs running a remote shell script via "curl https://cli.inference.sh | sh" from a non-major/unverified domain — piping a fetched .sh to a shell is a common high-risk malware distribution vector (and the cloud subdomain can host arbitrary files), so this source should be treated as suspicious.