web-search

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). Most links are documentation and an image, but the skill instructs running a remote installer via "curl ... | sh" from an external domain (cli.inference.sh), which is a high‑risk pattern that can distribute malware if the script or domain is malicious or compromised.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly performs web searches and extracts content from arbitrary public URLs using Tavily and Exa (e.g., the tavily/extract and exa/extract examples that fetch and ingest web page content via inference.sh), so the agent will read untrusted third-party web content.