seo-content-brief

This SKILL.md is a documentation-style skill for creating SEO content briefs that relies heavily on the inference.sh ecosystem (installer + hosted apps). The main security concerns are supply-chain and data-flow: the install instructions use a curl|sh pipeline to download and execute a binary from dist.inference.sh, and the workflows send user queries, URLs, and potentially sensitive content and credentials to remote hosted apps (tavily/exa/infsh). There are no hardcoded secrets or obfuscated payloads in the provided file, but the curl|sh install pattern and remote service dependency raise medium-to-high supply-chain risk. Recommendations: avoid pipe-to-shell installs (provide package-manager installs or reproduce checksum verification steps), clearly document where credentials are sent and how they are stored, limit examples that encourage sending sensitive internal URLs, and make explicit which apps run remotely and what data they receive. Overall: not confirmed malware, but a notable supply-chain and data-exfiltration risk that warrants caution.