product-changelog

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). High risk: the prompt instructs piping a remote shell script (curl https://cli.inference.sh | sh) from an unverified/unknown domain (inference.sh) — a classic high-risk pattern for malware distribution; the third URL is a generic placeholder and doesn't mitigate this risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Generating Visuals" instructions explicitly call infsh app run infsh/agent-browser with a user-specified "url" (e.g., "https://your-app.com/new-feature"), which causes the agent to browse and ingest arbitrary public web pages and their content.