tavily-research

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). This is a direct link to an install.sh shell script on a third‑party domain and the skill explicitly suggests piping it to bash (curl | bash), which is a high‑risk pattern because such scripts can execute arbitrary commands unless you fully trust and have inspected the script and domain.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly describes tvly research as gathering and analyzing sources "grounded in web sources" using a workflow that includes "search → extract → map → crawl → research" and the tvly CLI (e.g., tvly research "query"), which clearly fetches and ingests open/public third‑party web content that the agent reads and synthesizes.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's Quick install runs a fetched script via "curl -fsSL https://cli.tavily.com/install.sh | bash" and the skill requires the Tavily CLI, so remote code at https://cli.tavily.com/install.sh would be fetched and executed as a required dependency.