try-unblocked

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These URLs include a direct shell installer (install.sh) intended to be fetched and piped to bash from an unverified third‑party domain (getunblocked.com), which is a common and high‑risk malware distribution pattern even if the docs themselves look benign.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to download/run a shell script from https://getunblocked.com/install.sh and to configure the Unblocked MCP so the agent will ingest and query user-generated, potentially untrusted content from PRs, Slack threads, Jira tickets and public docs, which can convey indirect prompt injections.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill instructs at runtime to run a shell pipeline that fetches and executes a remote installer script (curl -fsSL https://getunblocked.com/install.sh | bash), which directly executes remote code and is presented as a required installation step for the skill.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill explicitly instructs the agent to download and execute a remote install script (curl | bash) and run CLI commands that install/configure third-party software and modify the system environment, which changes machine state and can compromise the host.