twitter-automation

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). Most links are documentation pages and images on inference.sh (low-risk), but the explicit install pattern (curl https://cli.inference.sh | sh) points to a remote shell installer served from an untrusted root hostname — a high-risk distribution vector that could deliver malware if the domain or its content is compromised or malicious.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes apps that retrieve public, user-generated Twitter/X content (e.g., "Get User" / "Get Tweet Details" via the inference.sh X integration and examples in SKILL.md), so the agent will fetch and read untrusted third-party posts/profiles that could influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's Quick Start explicitly runs a remote installer with "curl -fsSL https://cli.inference.sh | sh", which fetches and executes code from https://cli.inference.sh at runtime and is required for the skill to operate.