competitor-teardown

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.85). These links include a web-hosted installer intended to be run via "curl ... | sh" (https://cli.inference.sh), which is a high-risk distribution pattern for malware even if the other URLs are ordinary webpages (https://inference.sh and the competitor pages); running an unknown .sh from an untrusted domain is unsafe.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill actively instructs the agent to fetch and ingest open web content—e.g., infsh/agent-browser screenshot commands for arbitrary competitor URLs and tavily/exa search/extract calls targeting public sites like pricing pages, G2, Capterra, Product Hunt, and Reddit—so the agent will read untrusted, user-generated third‑party content as part of its workflow.