web-search
Audited by Socket on Feb 22, 2026
1 alert found:
Malware [Skill Scanner]: Pipe-to-shell or eval pattern detected

The package documentation and workflows implement a legitimate web-search-and-extraction capability, but they rely on high-risk supply-chain and runtime patterns: unpinned pipe-to-shell installer (curl | sh), unpinned npx package execution, broad CLI permissions, and unspecified handling of credentials and extracted data. There is no explicit malicious code visible in this fragment, but the installation and orchestration model meaningfully increases the probability of remote code execution or data exposure if the remote artifacts or endpoints are compromised.

Recommended mitigations: avoid executing curl | sh without auditing the script, pin and verify installer/package versions and checksums, restrict allowed URL schemes for extraction, require least privilege for CLI operations, and document credential storage/retention and TLS/endpoint ownership.

LLM verification: The SKILL.md accurately documents a legitimate-sounding capability (AI web search and extraction through inference.sh) but contains high-risk operational guidance: executing a remote, unpinned shell installer (curl | sh) and sending arbitrary URLs/content to a third-party service without documented privacy/retention or integrity protections. The file itself is not demonstrably malicious, but following its Quick Start exposes users to significant supply-chain risk and potential data leakage. Reco