tavily-search

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). This is high risk: it's a direct download of a shell installer (install.sh) intended to be piped to bash from a third‑party domain (cli.tavily.com), which can execute arbitrary commands and should be inspected/verified before running.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md shows it performs web searches via the Tavily CLI (e.g., "tvly search ... --json") and can return content snippets or full page text with --include-raw-content from arbitrary public websites, so the agent will ingest untrusted third‑party web content that can influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's Quick install uses "curl -fsSL https://cli.tavily.com/install.sh | bash", which fetches and executes remote code and is presented as a required prerequisite for the skill, so this URL is flagged.