seo-content-brief

Fail

Audited by Snyk on Feb 22, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.90). The instruction to run "curl -fsSL https://cli.inference.sh | sh", together with an unverified domain/subdomain (inference.sh / cli.inference.sh) that serves a remote installer, is a high-risk pattern: a remote script piped to sh can execute arbitrary code and distribute malware. The top-result-1/2 article URLs look like ordinary web content; they are secondary and not the primary risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The SKILL.md SERP Analysis Process explicitly instructs using infsh apps (e.g., tavily/search-assistant and tavily/extract) to fetch and analyze top-ranking public URLs (example: "https://top-result-1.com/article" and arbitrary search results), meaning the agent will ingest and act on untrusted third-party web content as part of its workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill instructs the user to run "curl -fsSL https://cli.inference.sh | sh" (installing and executing remote code) and then "infsh app run ...", which fetches and executes remote apps from inference.sh. As a result, https://cli.inference.sh (and inference.sh) are runtime dependencies that execute remote code and control agent behavior.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 22, 2026, 12:18 AM