ai-rag-pipeline

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.85). The set includes an unfamiliar domain that instructs users to run a remote shell installer (curl ... | sh) — a high-risk pattern for malware distribution even though other links are docs/images or placeholders.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs web searches and extracts URL content from open/public sources using tools like tavily/search-assistant, exa/search, tavily/extract and exa/extract, then injects those untrusted search results and page contents into LLM prompts—exposing the agent to indirect prompt injection.