twitter-thread-creation

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). These URLs point to a custom CLI install script (cli.inference.sh) that the skill tells users to run via curl | sh and which downloads binaries from dist.inference.sh with only plaintext SHA‑256 checksums—an installation pattern that can deliver malware if the domain, script, or distribution is compromised (example.com/pricing is just a benign placeholder).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly shows running infsh/agent-browser with arbitrary URLs (e.g., the "Generate screenshots for evidence" example using "https://example.com/pricing") and a web search command (tavily/search-assistant) under "Repurposing to Thread", so the agent is instructed to fetch and ingest public web content/search results which can directly influence thread content and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The Quick Start instructs executing remote install code via "curl -fsSL https://cli.inference.sh | sh" (which downloads binaries from dist.inference.sh and runs them), and the skill depends on that infsh CLI at runtime to run remote apps/commands, so the https://cli.inference.sh (and associated dist.inference.sh) fetches and executes remote code the skill requires.