web-search
Audited by Socket on Feb 18, 2026
1 alert found:
Malware [Skill Scanner]: Pipe-to-shell or eval pattern detected

The manifest itself is a benign documentation artifact that instructs users to install and use the inference.sh CLI and hosted apps (Tavily, Exa) for web search and content extraction. No explicit malicious code or hard-coded credentials are present in the supplied file. The primary risks are operational and privacy-oriented: executing an unchecked remote installer (curl | sh), concentrating user queries and extracted content at a third-party service (inference.sh/Tavily/Exa), broad allowed-tool permissions (Bash(infsh *)) which expand runtime capability, and lack of documented login scopes/token handling. To reduce risk, review the installer, verify publisher identity, restrict tool permissions for agents, and avoid sending sensitive data to the service without appropriate controls.

LLM verification: The skill's functionality matches its stated purpose, but it uses a high-risk install pattern (curl | sh) and routes user queries, URLs and extracted content through the inference.sh managed service and other third-party LLM endpoints. That centralized data flow and undocumented handling/retention of credentials and content are supply-chain and privacy risks. I find no explicit malicious code in the provided skill text, but the install and runtime architecture merit caution. Recommend reviewing