seo-content-brief

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The bundle includes a direct installer endpoint (https://cli.inference.sh) invoked as curl | sh from an untrusted domain (inference.sh) — a high‑risk distribution pattern for malware — while the other two URLs look like generic content pages and are lower risk individually; absence of verifiable package signatures or official package‑manager distribution increases the overall risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to run web searches and extract/analyze top-ranking pages from arbitrary public URLs (e.g., "infsh app run tavily/extract" with "urls": ["https://top-result-1.com/article", ...] and search-assistant/exa/search calls), which ingests untrusted third-party webpages whose content will be used to drive decisions and next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's Quick Start explicitly instructs running "curl -fsSL https://cli.inference.sh | sh", which fetches and executes remote shell code (https://cli.inference.sh) and is required for the infsh commands the skill uses, so the external content executes code at runtime.