load-template

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). The URL points to a raw GitHub-hosted shell script (load.sh) from a personal repository and is being recommended for direct curl|bash execution — a high-risk pattern because running remote .sh without reviewing its contents can execute arbitrary/malicious commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and executes template files from a public GitHub raw URL (https://raw.githubusercontent.com/tkarakai/ai-agent-instruction-templates/main/load.sh) and populates .agents//AGENTS.md with those templates, which are user-generated public content the agent will read and act on.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill runs a remote script at runtime using bash -c "$(curl -fsSL https://raw.githubusercontent.com/tkarakai/ai-agent-instruction-templates/main/load.sh)" which downloads and executes code from GitHub, making the external URL a direct remote-code/runtime-control dependency.