case-study-writing

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). These domains host an installer script and downloadable binaries for a CLI from an unverified/unknown vendor and the skill explicitly recommends piping a remote script to sh (curl https://cli.inference.sh | sh), which is a high-risk pattern unless you can independently verify signed binaries and checksums — the presence of a checksums.txt is a mild mitigator but not sufficient on its own.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md Quick Start and Research Support sections explicitly instruct running infsh search apps (e.g., infsh app run tavily/search-assistant and infsh app run exa/search) to fetch industry benchmarks, competitor landscape, and supporting statistics from public web/search sources, so the agent will ingest untrusted third‑party content that can influence its writing and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The Quick Start instructs running curl -fsSL https://cli.inference.sh | sh (which fetches and executes a remote installer and then pulls binaries from dist.inference.sh), and the skill relies on the installed infsh CLI at runtime to run remote apps and execute code, so https://cli.inference.sh is a runtime external dependency that executes remote code.