linkedin-content

Fail

Audited by Snyk on Feb 20, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.80). These URLs host a private .sh installer that instructs users to curl | sh and download binaries from the same small domain (with checksums also hosted there), which is an unsafe distribution pattern for executables from an unverified vendor and therefore suspicious unless independently verified (PGP-signed releases, reputable repo, or known vendor identity).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The Quick Start explicitly runs an external search app ("infsh app run tavily/search-assistant --input '{"query":"LinkedIn viral post examples 2024 high engagement patterns"}'") which fetches and ingests public web content that the agent is expected to read and use to craft posts, so untrusted third-party content could materially influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 1.00). The Quick Start instructs executing a remote installer via "curl -fsSL https://cli.inference.sh | sh" (which downloads/executes code and pulls binaries from dist.inference.sh), so the skill requires and runs external code at runtime from https://cli.inference.sh.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 20, 2026, 12:32 AM