producthunt

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). These are high-risk: an unrecognized domain (canifi.com) is hosting direct .sh installers and the skill instructs users to run curl | bash and store credentials in local env—classic vectors for arbitrary code execution and credential exfiltration.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow explicitly automates browsing producthunt.com via Playwright (e.g., "Navigate to producthunt.com", "View today's products", "Find the product listing", "Comment on launch"), thereby ingesting and acting on public, user-generated Product Hunt pages and comments which could influence which items it upvotes/comments on and thus enable indirect prompt injection from third-party content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The Quick Install and setup instruct users to pipe remote install scripts to a shell (curl -sSL https://canifi.com/skills/producthunt/install.sh | bash and curl -sSL https://canifi.com/install.sh | bash), which fetches and executes external code during installation and is a required dependency for the skill.