press-release-writing

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). They point to a remote .sh installer (curl https://cli.inference.sh | sh) served from an unverified domain; piping and executing a fetched shell script is a high-risk vector for malware unless the domain and script are trusted and verifiably signed.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs using the inference.sh CLI to run open web search apps (e.g., infsh app run tavily/search-assistant, exa/search, exa/answer) to fetch and fact-check public web content, meaning the agent will ingest untrusted third‑party/user-generated web content as part of its workflow.