res-deep
Fail
Audited by Snyk on Mar 11, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.90). The prompt instructs running a Step 0 command that uses security ... -w (which prints the xAI API key to stdout) and otherwise includes explicit shell flows that read and handle the raw API key, so an agent executing these steps would observe the secret verbatim (risking exfiltration), even though keychain storage is recommended.
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.80). console.x.ai appears to be an official web console (low risk), but https://astral.sh/uv/install.sh is a direct remote shell-script installer (curl|sh) from a small/unfamiliar domain — a high‑risk pattern for distributing malware—so the pair should be treated as suspicious until the script is inspected and the publisher verified.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly performs multi-source web ingestion (SKILL.md Steps 2–5 and WebFetch/scrapling fallback) and its scripts (scripts/xai_search.py) call web_search/x_search/reddit_search/github_search etc. to fetch and read public, user-generated content from Reddit, X/Twitter, GitHub, Hacker News, Substack, LinkedIn and other open websites, which the agent then synthesizes and uses to drive recommendations—exposing it to untrusted third-party content that could carry indirect prompt injection.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill's prerequisites require installing uv via a direct shell pipe that fetches and executes remote code ("curl -LsSf https://astral.sh/uv/install.sh | sh"), and uv is required to run the included runtime scripts (uv run ...), so this external URL results in remote code execution that the skill depends on.