newsletter-curation

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). These URLs host a remote shell installer (curl ... | sh) from a small .sh domain — executing an unattended remote shell script is a high-risk distribution pattern unless the domain and publisher are well-known and verifiable.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and ingest open web content (e.g., "infsh app run tavily/search-assistant" and a "site:reddit.com" query) and lists social/community sources like Twitter, Reddit, and HN, so the agent will read untrusted user-generated third‑party content as part of its curation workflow.