twitter-thread-creation

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). The instruction to curl and pipe a script from https://cli.inference.sh (and the related inference.sh domain) is a high‑risk pattern — it downloads and executes an unverified remote shell script from an unknown domain, which is a common malware distribution vector (example.com/pricing is just a benign placeholder).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and ingest public web content (e.g., "infsh app run infsh/agent-browser --input '{"url": "https://example.com/pricing\", "action": "screenshot"}'" and "infsh app run tavily/search-assistant --input '{"query": "latest statistics on remote work productivity 2024"}'"), which are open/public sources the agent is expected to read and use to compose threads, so untrusted third‑party content could influence decisions and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The Quick Start includes a runtime installation command that fetches and executes remote code via "curl -fsSL https://cli.inference.sh | sh", and the skill subsequently relies on the installed infsh CLI to run commands, so this external URL executes remote code and is a required dependency.