web-search

Fail

Audited by Socket on Mar 4, 2026

1 alert found:

Malware (HIGH)
SKILL.md

This skill wraps the inference.sh CLI to run search and extraction apps. Its functionality (web search, content extraction, feeding results into LLMs) is coherent with the stated purpose. However, there are multiple supply-chain and operational risks: the provided quick-start uses a curl|sh installer (download-and-execute), the CLI requires login (credential exposure risk), the skill encourages transitive installs via npx (expands trust surface), and it processes arbitrary web content that can enable prompt-injection when combined with LLMs that have execution/write permissions. I find no direct evidence of embedded malware, obfuscated payloads, or explicit exfiltration endpoints in the provided text, but the installation and transitive-install patterns raise meaningful supply-chain risk that warrants caution. Recommend manual review of the installer script, verifying checksums/signatures before running, preferring pinned releases or package-manager installs, and restricting agent permissions (no arbitrary write/exec) when processing untrusted web content.

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At
Mar 4, 2026, 10:43 AM
Package URL
pkg:socket/skills-sh/tul-sh%2Fskills%2Fweb-search%2F@fb78577059cea9352d343755e3535ce4323071b9