res-deep

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The link to https://astral.sh/uv/install.sh is high-risk because it is a direct shell installer (curl|sh style) from a third‑party domain — a common malware distribution vector — while https://console.x.ai is an API/console page (not a direct download) but could be mimicked by phishing, so overall treat the pair as suspicious.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly performs automated searches of and deep-reads content from untrusted public sources (Web, Reddit, X/Twitter, GitHub, Hacker News, Substack, LinkedIn, etc.) using Claude WebSearch and the xAI scripts and then WebFetch/scrapling fallback to ingest that content for synthesis and recommendations (see SKILL.md Round 1/2/3 and scripts/xai_search.py), so third‑party/user‑generated content is read and can materially influence decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's prerequisites explicitly require installing uv via a remote install script (curl -LsSf https://astral.sh/uv/install.sh | sh), which fetches and executes remote code as a required dependency.