press-release-writing

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). Yes — both domains are an unknown .sh host that provides a curl | sh install path (cli.inference.sh), a high‑risk pattern because it executes unverified remote shell code outside official package managers or vetted repositories.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Research & Fact-Checking" instructions tell the agent to run external web searches via the inference.sh CLI (e.g., "infsh app run tavily/search-assistant" and "infsh app run exa/search"), which fetch open web/public search results that are untrusted third‑party content the agent is expected to read and interpret.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The Quick Start instructs fetching and piping https://cli.inference.sh into sh (curl -fsSL https://cli.inference.sh | sh), which downloads and executes remote code at runtime and the skill relies on the infsh CLI for runtime research, so this URL is a high-risk runtime dependency.