intercom-crm

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These are direct links to .sh install scripts on an unfamiliar domain and the skill explicitly tells users to curl | bash them with no integrity checks or provenance — a high-risk pattern for malware distribution.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads and acts on Intercom user-generated content (e.g., conversations, messages, and help center articles) as shown by the endpoints "conversations", "messages", and "articles" in .claude-plugin/plugin.json and the SKILL.md examples like "Reply to the latest Intercom conversation from John", so untrusted third-party content could influence agent actions.