twitter-thread-creation

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). Although https://example.com/pricing is benign (example.com is reserved), the skill instructs piping and executing a shell from https://cli.inference.sh (and originates from the unverified domain inference.sh), which is a high‑risk pattern because running remote .sh installers from an untrusted/unknown domain can install malware or backdoors.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly invokes web-fetching tools—e.g., infsh app run infsh/agent-browser with a URL ("https://example.com/pricing") and tavily/search-assistant for web queries—so it fetches and ingests open/public third‑party content that could be untrusted and allow indirect prompt injection.