linkedin-content
Fail
Audited by Snyk on Feb 19, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). The URLs host an unverified CLI installer that the skill prompt instructs users to curl | sh (directly fetching and executing a remote shell script) from a non‑well‑known domain rather than a trusted package manager or signed release, which is a high‑risk pattern for malware delivery.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The SKILL.md Quick Start explicitly instructs using "infsh app run tavily/search-assistant" with queries like "LinkedIn viral post examples 2024" to research trending LinkedIn content, which clearly fetches and ingests public/user-generated web and social-media content that the agent would read and use to craft posts—creating a pathway for indirect prompt injection.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The Quick Start directs executing remote code with "curl -fsSL https://cli.inference.sh | sh" to install the inference.sh CLI, which downloads and runs code at runtime and is a required dependency for the skill (https://cli.inference.sh).