linkedin-content

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These URLs instruct users to curl-and-pipe a shell script from an unverified domain (inference.sh / cli.inference.sh); executing unreviewed remote .sh installers from a non-established/unknown host is a high-risk vector for malware or unwanted code execution.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly shows using "infsh app run tavily/search-assistant" to research "LinkedIn viral post examples 2024" — i.e., fetching and analyzing public, user-generated LinkedIn/search results that the agent would read, which exposes it to untrusted third-party content and potential indirect prompt injection.