ai-social-media-content

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These are suspicious: they come from an unverified/third‑party domain (inference.sh) and the skill explicitly instructs piping a remote installer into sh (curl https://cli.inference.sh | sh), a classic high‑risk pattern for silent malware delivery; the cloud subdomain/image and the placeholder your-avatar.jpg could also host attacker‑controlled content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's Quick Start directs users to run "curl -fsSL https://cli.inference.sh | sh", which fetches and immediately executes a remote shell script from https://cli.inference.sh as a required CLI installation step, meaning remote code is executed at runtime.