tavily-cli
Fail
Audited by Snyk on Mar 16, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.80). One URL is a direct link to an install.sh on an unverified domain (cli.tavily.com), which is a common and high-risk vector if run (curl|bash), while the other two are documentation/placeholder pages (example.com) and are low risk.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md explicitly directs the agent to run tavily commands like "tvly search", "tvly extract https://...", "tvly crawl" and "tvly research" to fetch and ingest content from arbitrary public web pages and URLs (third-party sites), which the agent is expected to read and use for decision-making.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill includes a required setup command that fetches and executes remote code at runtime via "curl -fsSL https://cli.tavily.com/install.sh | bash", so https://cli.tavily.com/install.sh is a high-risk external dependency.
Issues (3)
E005
CRITICAL: Suspicious download URL detected in skill instructions.
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
W012
MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata