ai-rag-pipeline

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.85). The set includes an unfamiliar domain that instructs users to run a remote shell installer (curl ... | sh) — a high-risk pattern for malware distribution even though other links are docs/images or placeholders.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly performs web searches and page extraction (e.g., infsh app run tavily/search-assistant ... and infsh app run tavily/extract --input { "urls": [...] }), ingesting untrusted public web/URL content and feeding those results directly into LLM prompts.